Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/130657?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/130657?format=api", "purl": "pkg:ruby/ruby@1.8.7", "type": "ruby", "namespace": "", "name": "ruby", "version": "1.8.7", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40990?format=api", "vulnerability_id": "VCID-4yvc-uzev-wua4", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96642", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96594", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96603", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96608", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96624", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96627", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96633", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96638", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3655" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31697" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/32372", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32372" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44369" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30644" }, { "reference_url": "http://www.securitytracker.com/id?1020656", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020656" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458948", "reference_id": "458948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458948" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3655", "reference_id": "CVE-2008-3655", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3655" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb", "reference_id": "CVE-2008-3655;OSVDB-47470", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb", "reference_id": "CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0895", "reference_id": "RHSA-2008:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0896", "reference_id": "RHSA-2008:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3655", "GHSA-p524-ppf2-w36w" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvc-uzev-wua4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40987?format=api", "vulnerability_id": "VCID-5bte-uex2-f7du", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90946", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90872", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90877", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90887", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90908", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90915", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90924", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90922", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90947", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90945", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2664" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43348" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450834", "reference_id": "450834", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450834" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2664", "reference_id": "CVE-2008-2664", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2664" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2664", "GHSA-c4h6-p7gp-39x2", "OSV-46552" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bte-uex2-f7du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31420?format=api", "vulnerability_id": "VCID-8fbf-8fea-27d9", "summary": "Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n spoofing of DNS replies.", "references": [ { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc" }, { "reference_url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html" }, { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" }, { "reference_url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99425", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99423", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99417", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99416", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99419", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.9942", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99422", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037" }, { "reference_url": "http://secunia.com/advisories/30925", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30925" }, { "reference_url": "http://secunia.com/advisories/30973", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30973" }, { "reference_url": "http://secunia.com/advisories/30977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30977" }, { "reference_url": "http://secunia.com/advisories/30979", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30979" }, { "reference_url": "http://secunia.com/advisories/30980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30980" }, { "reference_url": "http://secunia.com/advisories/30988", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30988" }, { "reference_url": "http://secunia.com/advisories/30989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30989" }, { "reference_url": "http://secunia.com/advisories/30998", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30998" }, { "reference_url": "http://secunia.com/advisories/31011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31011" }, { "reference_url": "http://secunia.com/advisories/31012", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31012" }, { "reference_url": "http://secunia.com/advisories/31014", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31014" }, { "reference_url": "http://secunia.com/advisories/31019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31019" }, { "reference_url": "http://secunia.com/advisories/31022", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31022" }, { "reference_url": "http://secunia.com/advisories/31030", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31030" }, { "reference_url": "http://secunia.com/advisories/31031", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31031" }, { "reference_url": "http://secunia.com/advisories/31033", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31033" }, { "reference_url": "http://secunia.com/advisories/31052", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31052" }, { "reference_url": "http://secunia.com/advisories/31065", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31065" }, { "reference_url": "http://secunia.com/advisories/31072", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31072" }, { "reference_url": "http://secunia.com/advisories/31093", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31093" }, { "reference_url": "http://secunia.com/advisories/31094", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31094" }, { "reference_url": "http://secunia.com/advisories/31137", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31137" }, { "reference_url": "http://secunia.com/advisories/31143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31143" }, { "reference_url": "http://secunia.com/advisories/31151", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31151" }, { "reference_url": "http://secunia.com/advisories/31152", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31152" }, { "reference_url": "http://secunia.com/advisories/31153", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31153" }, { "reference_url": "http://secunia.com/advisories/31169", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31169" }, { "reference_url": "http://secunia.com/advisories/31197", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31197" }, { "reference_url": "http://secunia.com/advisories/31199", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31199" }, { "reference_url": "http://secunia.com/advisories/31204", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31204" }, { "reference_url": "http://secunia.com/advisories/31207", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31207" }, { "reference_url": "http://secunia.com/advisories/31209", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31209" }, { "reference_url": "http://secunia.com/advisories/31212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31212" }, { "reference_url": "http://secunia.com/advisories/31213", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31213" }, { "reference_url": "http://secunia.com/advisories/31221", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31221" }, { "reference_url": "http://secunia.com/advisories/31236", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31236" }, { "reference_url": "http://secunia.com/advisories/31237", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31237" }, { "reference_url": "http://secunia.com/advisories/31254", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31254" }, { "reference_url": "http://secunia.com/advisories/31326", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31326" }, { "reference_url": "http://secunia.com/advisories/31354", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31354" }, { "reference_url": "http://secunia.com/advisories/31422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31422" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31451", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31451" }, { "reference_url": "http://secunia.com/advisories/31482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31482" }, { "reference_url": "http://secunia.com/advisories/31495", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31495" }, { "reference_url": "http://secunia.com/advisories/31588", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31588" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/31823", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31823" }, { "reference_url": "http://secunia.com/advisories/31882", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31882" }, { "reference_url": "http://secunia.com/advisories/31900", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31900" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/33714", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33714" }, { "reference_url": "http://secunia.com/advisories/33786", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33786" }, { "reference_url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200807-08.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201209-25.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1" }, { "reference_url": "http://support.apple.com/kb/HT3026", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3026" }, { "reference_url": "http://support.apple.com/kb/HT3129", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3129" }, { "reference_url": "http://support.citrix.com/article/CTX117991", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.citrix.com/article/CTX117991" }, { "reference_url": "http://support.citrix.com/article/CTX118183", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.citrix.com/article/CTX118183" }, { "reference_url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152" }, { "reference_url": "https://www.exploit-db.com/exploits/6122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6122" }, { "reference_url": "https://www.exploit-db.com/exploits/6123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6123" }, { "reference_url": "https://www.exploit-db.com/exploits/6130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6130" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018" }, { "reference_url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning" }, { "reference_url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt" }, { "reference_url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt" }, { "reference_url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1603", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1603" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1604", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1604" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1605", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1605" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1619", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1619" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1623" }, { "reference_url": "http://www.doxpara.com/DMK_BO2K8.ppt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.doxpara.com/DMK_BO2K8.ppt" }, { "reference_url": "http://www.doxpara.com/?p=1176", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.doxpara.com/?p=1176" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672" }, { "reference_url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40" }, { "reference_url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php" }, { "reference_url": "http://www.kb.cert.org/vuls/id/800113", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/800113" }, { "reference_url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J" }, { "reference_url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139" }, { "reference_url": "http://www.nominum.com/asset_upload_file741_2661.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.nominum.com/asset_upload_file741_2661.pdf" }, { "reference_url": "http://www.novell.com/support/viewContent.do?externalId=7000912", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/support/viewContent.do?externalId=7000912" }, { "reference_url": "http://www.openbsd.org/errata42.html#013_bind", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/errata42.html#013_bind" }, { "reference_url": "http://www.openbsd.org/errata43.html#004_bind", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/errata43.html#004_bind" }, { "reference_url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog" }, { "reference_url": "http://www.phys.uu.nl/~rombouts/pdnsd.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html" }, { "reference_url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30131", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30131" }, { "reference_url": "http://www.securitytracker.com/id?1020437", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020437" }, { "reference_url": "http://www.securitytracker.com/id?1020438", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020438" }, { "reference_url": "http://www.securitytracker.com/id?1020440", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020440" }, { "reference_url": "http://www.securitytracker.com/id?1020448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020448" }, { "reference_url": "http://www.securitytracker.com/id?1020449", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020449" }, { "reference_url": "http://www.securitytracker.com/id?1020548", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020548" }, { "reference_url": "http://www.securitytracker.com/id?1020558", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020558" }, { "reference_url": "http://www.securitytracker.com/id?1020560", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020560" }, { "reference_url": "http://www.securitytracker.com/id?1020561", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020561" }, { "reference_url": "http://www.securitytracker.com/id?1020575", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020575" }, { "reference_url": "http://www.securitytracker.com/id?1020576", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020576" }, { "reference_url": "http://www.securitytracker.com/id?1020577", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020577" }, { "reference_url": "http://www.securitytracker.com/id?1020578", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020578" }, { "reference_url": "http://www.securitytracker.com/id?1020579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020579" }, { "reference_url": "http://www.securitytracker.com/id?1020651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020651" }, { "reference_url": "http://www.securitytracker.com/id?1020653", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020653" }, { "reference_url": "http://www.securitytracker.com/id?1020702", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020702" }, { "reference_url": "http://www.securitytracker.com/id?1020802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020802" }, { "reference_url": "http://www.securitytracker.com/id?1020804", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020804" }, { "reference_url": "http://www.ubuntu.com/usn/usn-622-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-622-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-627-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-627-1" }, { "reference_url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2019/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2019/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2023/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2023/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2025/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2025/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2029/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2029/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2030/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2030/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2050/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2050/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2051/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2051/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2052/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2052/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2055/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2055/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2092/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2092/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2113/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2113/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2114/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2114/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2123/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2123/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2139/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2139/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2166/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2166/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2195/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2195/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2196/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2196/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2197/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2197/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2268", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2268" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2291", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2291" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2342", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2342" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2377", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2377" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2383", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2383" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2384", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2384" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2467", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2467" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2482" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2525", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2549" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2558", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2582", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2582" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2584", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2584" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0297" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0311", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0311" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0622", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0622" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345", "reference_id": "449345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123", "reference_id": "490123", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465", "reference_id": "492465", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698", "reference_id": "492698", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700", "reference_id": "492700", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599", "reference_id": "493599", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447", "reference_id": "CVE-2008-1447", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447" }, { "reference_url": "https://security.gentoo.org/glsa/200807-08", "reference_id": "GLSA-200807-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200807-08" }, { "reference_url": "https://security.gentoo.org/glsa/200809-02", "reference_id": "GLSA-200809-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200809-02" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://security.gentoo.org/glsa/200901-03", "reference_id": "GLSA-200901-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200901-03" }, { "reference_url": "https://security.gentoo.org/glsa/201209-25", "reference_id": "GLSA-201209-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-25" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0533", "reference_id": "RHSA-2008:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0789", "reference_id": "RHSA-2008:0789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0789" }, { "reference_url": "https://usn.ubuntu.com/622-1/", "reference_id": "USN-622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/622-1/" }, { "reference_url": "https://usn.ubuntu.com/627-1/", "reference_id": "USN-627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/627-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-1447" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbf-8fea-27d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88632?format=api", "vulnerability_id": "VCID-94vg-kqhg-qfdv", "summary": "net:: * modules", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5770.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5770.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5770", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91886", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91902", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91908", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91921", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91926", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91929", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91944", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91941", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07714", "scoring_system": "epss", "scoring_elements": "0.91938", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5770" }, { "reference_url": "http://www.cvedetails.com/cve/CVE-2007-5770/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.cvedetails.com/cve/CVE-2007-5770/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=362081", "reference_id": "362081", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=362081" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0961", "reference_id": "RHSA-2007:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0965", "reference_id": "RHSA-2007:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0965" }, { "reference_url": "https://usn.ubuntu.com/596-1/", "reference_id": "USN-596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/596-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-5770", "GHSA-mf83-c25g-48r6" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94vg-kqhg-qfdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40988?format=api", "vulnerability_id": "VCID-9gp6-pvw1-ufhs", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85333", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85305", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.8532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85315", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85335", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85336", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86873", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86902", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86917", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2725" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43350" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451821", "reference_id": "451821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451821" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2725", "reference_id": "CVE-2008-2725", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2725" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2725", "GHSA-924x-9756-qq8p", "OSV-46553" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gp6-pvw1-ufhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87786?format=api", "vulnerability_id": "VCID-9ukz-9357-aqb6", "summary": "Ruby WEBrick javascript injection flaw", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0541.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82425", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82315", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82329", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82342", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82376", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82395", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82391", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82386", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.8242", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01718", "scoring_system": "epss", "scoring_elements": "0.82421", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0541" }, { "reference_url": "http://secunia.com/advisories/40220", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40220" }, { "reference_url": "https://support.apple.com/en-us/HT4188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/en-us/HT4188" }, { "reference_url": "http://support.apple.com/kb/HT4188", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT4188" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:097", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:097" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:098", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:098" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html" }, { "reference_url": "http://www.securityfocus.com/bid/40871", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40871" }, { "reference_url": "http://www.securityfocus.com/bid/40895", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40895" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1481", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1481" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=587731", "reference_id": "587731", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=587731" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0541", "reference_id": "CVE-2010-0541", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0541" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0908", "reference_id": "RHSA-2011:0908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0909", "reference_id": "RHSA-2011:0909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0909" }, { "reference_url": "https://usn.ubuntu.com/1377-1/", "reference_id": "USN-1377-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1377-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2010-0541", "GHSA-h9r2-943c-qg8v", "OSV-65556" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ukz-9357-aqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40992?format=api", "vulnerability_id": "VCID-a15m-bcma-vfa7", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3656", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.65085", "scoring_system": "epss", "scoring_elements": "0.98484", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.65085", "scoring_system": "epss", "scoring_elements": "0.98483", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98618", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.9862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98611", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98625", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98626", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98613", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3656" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31697" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44371" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3656", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3656" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30644" }, { "reference_url": "http://www.securitytracker.com/id?1020654", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020654" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458953", "reference_id": "458953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458953" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://www.securityfocus.com/bid/30644/info", "reference_id": "CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/30644/info" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb", "reference_id": "CVE-2008-4310;OSVDB-47471;CVE-2008-3656", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3656", "GHSA-823x-6r7f-v9x6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a15m-bcma-vfa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8434?format=api", "vulnerability_id": "VCID-bv9s-j5yk-m3aw", "summary": "WEBrick Improper Input Validation vulnerability\nWEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4492.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95076", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95123", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95121", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95118", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.9511", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95107", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95105", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95099", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95096", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95089", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95087", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.17685", "scoring_system": "epss", "scoring_elements": "0.95086", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4492" }, { "reference_url": "https://github.com/ruby/webrick", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ruby/webrick" }, { "reference_url": "https://web.archive.org/web/20100113155532/http://www.vupen.com/english/advisories/2010/0089", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20100113155532/http://www.vupen.com/english/advisories/2010/0089" }, { "reference_url": "https://web.archive.org/web/20100815010948/http://secunia.com/advisories/37949", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20100815010948/http://secunia.com/advisories/37949" }, { "reference_url": "https://web.archive.org/web/20170402100552/http://securitytracker.com/id?1023429", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20170402100552/http://securitytracker.com/id?1023429" }, { "reference_url": "https://web.archive.org/web/20170908140655/http://www.securityfocus.com/archive/1/508830/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20170908140655/http://www.securityfocus.com/archive/1/508830/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20200228145937/http://www.securityfocus.com/bid/37710", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228145937/http://www.securityfocus.com/bid/37710" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0908.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0909.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection" }, { "reference_url": "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=554485", "reference_id": "554485", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554485" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4492", "reference_id": "CVE-2009-4492", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4492" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33489.txt", "reference_id": "CVE-2009-4492;OSVDB-61774", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33489.txt" }, { "reference_url": "https://www.securityfocus.com/bid/37710/info", "reference_id": "CVE-2009-4492;OSVDB-61774", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/37710/info" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2009-4492.yml", "reference_id": "CVE-2009-4492.YML", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2009-4492.yml" }, { "reference_url": "https://github.com/advisories/GHSA-6mq2-37j5-w6r6", "reference_id": "GHSA-6mq2-37j5-w6r6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6mq2-37j5-w6r6" }, { "reference_url": "https://security.gentoo.org/glsa/201001-09", "reference_id": "GLSA-201001-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201001-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0908", "reference_id": "RHSA-2011:0908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0909", "reference_id": "RHSA-2011:0909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0909" }, { "reference_url": "https://usn.ubuntu.com/900-1/", "reference_id": "USN-900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/900-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-4492", "GHSA-6mq2-37j5-w6r6", "OSV-61774" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bv9s-j5yk-m3aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40989?format=api", "vulnerability_id": "VCID-c9sy-czbr-tfer", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2726", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86168", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86158", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86171", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86176", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86145", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86182", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86192", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86206", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86225", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2726" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43351" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451828", "reference_id": "451828", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451828" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2726", "reference_id": "CVE-2008-2726", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2726" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2726", "GHSA-v2mw-g73g-923h", "OSV-46554" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c9sy-czbr-tfer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88490?format=api", "vulnerability_id": "VCID-ea13-mua4-1fb9", "summary": "ruby: WEBrick CGI source disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5238", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52425", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52471", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52465", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52516", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.525", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52483", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52523", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52529", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52514", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1891" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1891" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=443829", "reference_id": "443829", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=443829" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" } ], "fixed_packages": [], "aliases": [ "CVE-2008-1891", "GHSA-rhf2-x48g-5wr7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ea13-mua4-1fb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40993?format=api", "vulnerability_id": "VCID-fw7k-88kf-1kgg", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3657", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.9586", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95804", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95813", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95821", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95823", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95832", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.9584", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95852", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95858", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3657" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31697" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44372" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3657", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3657" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30644" }, { "reference_url": "http://www.securitytracker.com/id?1020652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020652" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458966", "reference_id": "458966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458966" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3657", "GHSA-5f6v-fgcw-j5px" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fw7k-88kf-1kgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40985?format=api", "vulnerability_id": "VCID-jx79-wpg7-2yaa", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86052", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.85973", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.85985", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86001", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.8602", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.8603", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86044", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86042", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86037", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86055", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.8606", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2662" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43345" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601" }, { "reference_url": "https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450821", "reference_id": "450821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450821" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2662", "reference_id": "CVE-2008-2662", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2662" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2662", "GHSA-6wwf-x53r-5qqq", "OSV-46550" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jx79-wpg7-2yaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40986?format=api", "vulnerability_id": "VCID-mzqm-gc4w-fbfp", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87199", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.8713", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.8714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87157", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87182", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87195", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87189", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87185", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.872", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87205", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2663" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43346" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450825", "reference_id": "450825", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450825" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2663", "reference_id": "CVE-2008-2663", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2663" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2663", "GHSA-8rh4-h2wx-5jpx", "OSV-46551" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mzqm-gc4w-fbfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40984?format=api", "vulnerability_id": "VCID-nsa4-b31c-37g2", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93579", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93515", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93532", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.9354", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93549", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93569", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93574", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2376" }, { "reference_url": "http://secunia.com/advisories/30927", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30927" }, { "reference_url": "http://secunia.com/advisories/31006", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31006" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2639", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2639" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2376", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2376" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863" }, { "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2008-0218", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0218" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/02/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/02/3" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/494104/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/494104/100/0/threaded" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2584", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2584" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=453589", "reference_id": "453589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453589" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2376", "GHSA-f7wf-fwmg-r7g3" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nsa4-b31c-37g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40996?format=api", "vulnerability_id": "VCID-pegr-f5mh-ekdz", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87077", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87007", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87018", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87037", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8703", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8705", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87057", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87071", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87065", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87076", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8708", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3905" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/32948", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32948" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45935" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3905", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3905" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/09/03/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/09/03/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/09/04/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/09/04/9" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/bid/31699", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31699" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=461495", "reference_id": "461495", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=461495" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0896", "reference_id": "RHSA-2008:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305", "reference_id": "RHSA-2026:7305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307", "reference_id": "RHSA-2026:7307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838", "reference_id": "RHSA-2026:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8838" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3905", "GHSA-vwcj-mf69-7rfw" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pegr-f5mh-ekdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88381?format=api", "vulnerability_id": "VCID-qjwb-ph9u-bubf", "summary": "ruby: Memory allocation failure in Ruby regex engine (remotely exploitable DoS)", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3443.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96609", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.9656", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.9657", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96575", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96578", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96586", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96588", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.9659", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96591", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96593", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.966", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.29255", "scoring_system": "epss", "scoring_elements": "0.96605", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/32372", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32372" }, { "reference_url": "http://secunia.com/advisories/33185", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33185" }, { "reference_url": "http://secunia.com/advisories/33398", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33398" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://securityreason.com/securityalert/4158", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/4158" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44688" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9570" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.exploit-db.com/exploits/6239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6239" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1695", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1695" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.securityfocus.com/bid/30682", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30682" }, { "reference_url": "http://www.securitytracker.com/id?1021075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1021075" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=459266", "reference_id": "459266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459266" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3443", "reference_id": "CVE-2008-3443", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3443" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6239.txt", "reference_id": "OSVDB-47800;CVE-2008-3443", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6239.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0895", "reference_id": "RHSA-2008:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0896", "reference_id": "RHSA-2008:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" }, { "reference_url": "https://usn.ubuntu.com/691-1/", "reference_id": "USN-691-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/691-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-3443" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjwb-ph9u-bubf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88232?format=api", "vulnerability_id": "VCID-xtny-ychb-fff1", "summary": "ruby: Incorrect checks for validity of X.509 certificates", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528" }, { "reference_url": "http://redmine.ruby-lang.org/issues/show/1091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://redmine.ruby-lang.org/issues/show/1091" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76711", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76618", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.7665", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76664", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76702", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76682", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76674", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76716", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00974", "scoring_system": "epss", "scoring_elements": "0.76721", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0642" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528" }, { "reference_url": "http://secunia.com/advisories/33750", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33750" }, { "reference_url": "http://secunia.com/advisories/35699", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35699" }, { "reference_url": "http://secunia.com/advisories/35937", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35937" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48761" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:193", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:193" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html" }, { "reference_url": "http://www.securityfocus.com/bid/33769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/33769" }, { "reference_url": "http://www.securitytracker.com/id?1022505", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1022505" }, { "reference_url": "http://www.ubuntu.com/usn/USN-805-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-805-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=486183", "reference_id": "486183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=486183" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0642", "reference_id": "CVE-2009-0642", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1140", "reference_id": "RHSA-2009:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1140" }, { "reference_url": "https://usn.ubuntu.com/805-1/", "reference_id": "USN-805-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/805-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-0642", "GHSA-4gvm-4mw2-9fpv" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xtny-ychb-fff1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59535?format=api", "vulnerability_id": "VCID-ynyp-ybd9-57df", "summary": "A flaw in the Ruby standard library might allow remote attackers to cause a\n Denial of Service attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1904.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1904.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89113", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89121", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89136", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89138", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89156", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89161", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89172", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89168", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89165", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89178", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89177", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89175", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1904" }, { "reference_url": "https://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=504958", "reference_id": "504958", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=504958" }, { "reference_url": "https://security.gentoo.org/glsa/200906-02", "reference_id": "GLSA-200906-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200906-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1140", "reference_id": "RHSA-2009:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1140" }, { "reference_url": "https://usn.ubuntu.com/805-1/", "reference_id": "USN-805-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/805-1/" }, { "reference_url": "https://usn.ubuntu.com/900-1/", "reference_id": "USN-900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/900-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1904", "GHSA-prwc-wj59-8vwr", "OSV-55031" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ynyp-ybd9-57df" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.7" }