VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/130660?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/130660?format=api",
    "purl": "pkg:ruby/ruby@1.8.6",
    "type": "ruby",
    "namespace": "",
    "name": "ruby",
    "version": "1.8.6",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": null,
    "latest_non_vulnerable_version": null,
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40987?format=api",
            "vulnerability_id": "VCID-5bte-uex2-f7du",
            "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.",
            "references": [
                {
                    "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"
                },
                {
                    "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2664",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90946",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90872",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90877",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90887",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90897",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90908",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90915",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90924",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90922",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90947",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.06265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90945",
                            "published_at": "2026-04-18T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2664"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30802",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30802"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30831",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30831"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30867",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30867"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30875",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30875"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30894",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30894"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31062",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31062"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31090",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31090"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31181",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31181"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31256",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31256"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31687",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31687"
                },
                {
                    "reference_url": "http://secunia.com/advisories/33178",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/33178"
                },
                {
                    "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
                },
                {
                    "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43348",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43348"
                },
                {
                    "reference_url": "https://issues.rpath.com/browse/RPL-2626",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://issues.rpath.com/browse/RPL-2626"
                },
                {
                    "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"
                },
                {
                    "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646"
                },
                {
                    "reference_url": "http://support.apple.com/kb/HT2163",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://support.apple.com/kb/HT2163"
                },
                {
                    "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"
                },
                {
                    "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"
                },
                {
                    "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"
                },
                {
                    "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1612",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1612"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1618",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1618"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"
                },
                {
                    "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html"
                },
                {
                    "reference_url": "http://www.ruby-forum.com/topic/157034",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-forum.com/topic/157034"
                },
                {
                    "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"
                },
                {
                    "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/29903",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/29903"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id?1020347",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id?1020347"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/usn-621-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/usn-621-1"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1907/references"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1981/references"
                },
                {
                    "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450834",
                    "reference_id": "450834",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450834"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2664",
                    "reference_id": "CVE-2008-2664",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2664"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/200812-17",
                    "reference_id": "GLSA-200812-17",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/200812-17"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561",
                    "reference_id": "RHSA-2008:0561",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2008:0561"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562",
                    "reference_id": "RHSA-2008:0562",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2008:0562"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/621-1/",
                    "reference_id": "USN-621-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/621-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2008-2664",
                "GHSA-c4h6-p7gp-39x2",
                "OSV-46552"
            ],
            "risk_score": 3.5,
            "exploitability": "0.5",
            "weighted_severity": "7.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bte-uex2-f7du"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88636?format=api",
            "vulnerability_id": "VCID-8e2m-f1fg-ffdy",
            "summary": "Net: HTTP insufficient verification of SSL certificate",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5162.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5162.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5162",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70989",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70999",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71017",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70991",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71034",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71049",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71072",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71057",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71039",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71085",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00658",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71092",
                            "published_at": "2026-04-18T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5162"
                },
                {
                    "reference_url": "https://www.ruby-lang.org/en/news/2007/10/04/net-https-vulnerability/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.ruby-lang.org/en/news/2007/10/04/net-https-vulnerability/"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=313691",
                    "reference_id": "313691",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=313691"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2007:0961",
                    "reference_id": "RHSA-2007:0961",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2007:0961"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2007:0965",
                    "reference_id": "RHSA-2007:0965",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2007:0965"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/596-1/",
                    "reference_id": "USN-596-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/596-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2007-5162",
                "GHSA-26pc-wx8w-v5vj"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8e2m-f1fg-ffdy"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40988?format=api",
            "vulnerability_id": "VCID-9gp6-pvw1-ufhs",
            "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.",
            "references": [
                {
                    "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"
                },
                {
                    "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2725",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0249",
                            "scoring_system": "epss",
                            "scoring_elements": "0.85333",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.0249",
                            "scoring_system": "epss",
                            "scoring_elements": "0.85305",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.0249",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8532",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.0249",
                            "scoring_system": "epss",
                            "scoring_elements": "0.85318",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.0249",
                            "scoring_system": "epss",
                            "scoring_elements": "0.85315",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.0249",
                            "scoring_system": "epss",
                            "scoring_elements": "0.85335",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.0249",
                            "scoring_system": "epss",
                            "scoring_elements": "0.85336",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.03164",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86873",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.03164",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86884",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.03164",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86902",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.03164",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86897",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.03164",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86917",
                            "published_at": "2026-04-08T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2725"
                },
                {
                    "reference_url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30802",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30802"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30831",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30831"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30867",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30867"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30875",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30875"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30894",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30894"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31062",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31062"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31090",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31090"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31181",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31181"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31256",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31256"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31687",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31687"
                },
                {
                    "reference_url": "http://secunia.com/advisories/33178",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/33178"
                },
                {
                    "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
                },
                {
                    "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43350",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43350"
                },
                {
                    "reference_url": "https://issues.rpath.com/browse/RPL-2626",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://issues.rpath.com/browse/RPL-2626"
                },
                {
                    "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"
                },
                {
                    "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606"
                },
                {
                    "reference_url": "http://support.apple.com/kb/HT2163",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://support.apple.com/kb/HT2163"
                },
                {
                    "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"
                },
                {
                    "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"
                },
                {
                    "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"
                },
                {
                    "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1612",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1612"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1618",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1618"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"
                },
                {
                    "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html"
                },
                {
                    "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html"
                },
                {
                    "reference_url": "http://www.ruby-forum.com/topic/157034",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-forum.com/topic/157034"
                },
                {
                    "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"
                },
                {
                    "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/29903",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/29903"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id?1020347",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id?1020347"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/usn-621-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/usn-621-1"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1907/references"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1981/references"
                },
                {
                    "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451821",
                    "reference_id": "451821",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451821"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2725",
                    "reference_id": "CVE-2008-2725",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2725"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/200812-17",
                    "reference_id": "GLSA-200812-17",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/200812-17"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561",
                    "reference_id": "RHSA-2008:0561",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2008:0561"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562",
                    "reference_id": "RHSA-2008:0562",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2008:0562"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/621-1/",
                    "reference_id": "USN-621-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/621-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2008-2725",
                "GHSA-924x-9756-qq8p",
                "OSV-46553"
            ],
            "risk_score": 3.5,
            "exploitability": "0.5",
            "weighted_severity": "7.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gp6-pvw1-ufhs"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40989?format=api",
            "vulnerability_id": "VCID-c9sy-czbr-tfer",
            "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.",
            "references": [
                {
                    "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"
                },
                {
                    "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2726",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.02819",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86168",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.02819",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86159",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.02819",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86158",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.02819",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86154",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.02819",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86171",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.02819",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86176",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.02819",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86145",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.02858",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86182",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.02858",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86192",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.02858",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86206",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.02858",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86225",
                            "published_at": "2026-04-08T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2726"
                },
                {
                    "reference_url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30802",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30802"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30831",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30831"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30867",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30867"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30875",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30875"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30894",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30894"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31062",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31062"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31090",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31090"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31181",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31181"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31256",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31256"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31687",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31687"
                },
                {
                    "reference_url": "http://secunia.com/advisories/33178",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/33178"
                },
                {
                    "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
                },
                {
                    "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43351",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43351"
                },
                {
                    "reference_url": "https://issues.rpath.com/browse/RPL-2626",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://issues.rpath.com/browse/RPL-2626"
                },
                {
                    "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"
                },
                {
                    "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959"
                },
                {
                    "reference_url": "http://support.apple.com/kb/HT2163",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://support.apple.com/kb/HT2163"
                },
                {
                    "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460"
                },
                {
                    "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"
                },
                {
                    "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"
                },
                {
                    "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"
                },
                {
                    "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1612",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1612"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1618",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1618"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"
                },
                {
                    "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html"
                },
                {
                    "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html"
                },
                {
                    "reference_url": "http://www.ruby-forum.com/topic/157034",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-forum.com/topic/157034"
                },
                {
                    "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"
                },
                {
                    "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/29903",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/29903"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id?1020347",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id?1020347"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/usn-621-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/usn-621-1"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1907/references"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1981/references"
                },
                {
                    "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451828",
                    "reference_id": "451828",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451828"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2726",
                    "reference_id": "CVE-2008-2726",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2726"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/200812-17",
                    "reference_id": "GLSA-200812-17",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/200812-17"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561",
                    "reference_id": "RHSA-2008:0561",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2008:0561"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562",
                    "reference_id": "RHSA-2008:0562",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2008:0562"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/621-1/",
                    "reference_id": "USN-621-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/621-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2008-2726",
                "GHSA-v2mw-g73g-923h",
                "OSV-46554"
            ],
            "risk_score": 3.5,
            "exploitability": "0.5",
            "weighted_severity": "7.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c9sy-czbr-tfer"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88490?format=api",
            "vulnerability_id": "VCID-ea13-mua4-1fb9",
            "summary": "ruby: WEBrick CGI source disclosure",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1891",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.5238",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52425",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52453",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52418",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52471",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52465",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52516",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.525",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52483",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52523",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52529",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00291",
                            "scoring_system": "epss",
                            "scoring_elements": "0.52514",
                            "published_at": "2026-04-21T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1891"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1891",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1891"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=443829",
                    "reference_id": "443829",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=443829"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:7305",
                    "reference_id": "RHSA-2026:7305",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:7305"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:7307",
                    "reference_id": "RHSA-2026:7307",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:7307"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:8838",
                    "reference_id": "RHSA-2026:8838",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:8838"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2008-1891",
                "GHSA-rhf2-x48g-5wr7"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ea13-mua4-1fb9"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40985?format=api",
            "vulnerability_id": "VCID-jx79-wpg7-2yaa",
            "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.",
            "references": [
                {
                    "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"
                },
                {
                    "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2662",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86052",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.85973",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.85985",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86001",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8602",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8603",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86044",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86042",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86037",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86055",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.02771",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8606",
                            "published_at": "2026-04-18T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2662"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30802",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30802"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30831",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30831"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30867",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30867"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30875",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30875"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30894",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30894"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31062",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31062"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31181",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31181"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31256",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31256"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31687",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31687"
                },
                {
                    "reference_url": "http://secunia.com/advisories/33178",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/33178"
                },
                {
                    "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
                },
                {
                    "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43345",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43345"
                },
                {
                    "reference_url": "https://issues.rpath.com/browse/RPL-2626",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://issues.rpath.com/browse/RPL-2626"
                },
                {
                    "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"
                },
                {
                    "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601"
                },
                {
                    "reference_url": "https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"
                },
                {
                    "reference_url": "http://support.apple.com/kb/HT2163",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://support.apple.com/kb/HT2163"
                },
                {
                    "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"
                },
                {
                    "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"
                },
                {
                    "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1612",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1612"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1618",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1618"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"
                },
                {
                    "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html"
                },
                {
                    "reference_url": "http://www.ruby-forum.com/topic/157034",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-forum.com/topic/157034"
                },
                {
                    "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"
                },
                {
                    "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/29903",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/29903"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id?1020347",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id?1020347"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/usn-621-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/usn-621-1"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1907/references"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1981/references"
                },
                {
                    "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450821",
                    "reference_id": "450821",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450821"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2662",
                    "reference_id": "CVE-2008-2662",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2662"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/200812-17",
                    "reference_id": "GLSA-200812-17",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/200812-17"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561",
                    "reference_id": "RHSA-2008:0561",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2008:0561"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/621-1/",
                    "reference_id": "USN-621-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/621-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2008-2662",
                "GHSA-6wwf-x53r-5qqq",
                "OSV-46550"
            ],
            "risk_score": 4.5,
            "exploitability": "0.5",
            "weighted_severity": "9.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jx79-wpg7-2yaa"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40986?format=api",
            "vulnerability_id": "VCID-mzqm-gc4w-fbfp",
            "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.",
            "references": [
                {
                    "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"
                },
                {
                    "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2663",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.87199",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8713",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8714",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.87157",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.87154",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.87174",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.87182",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.87195",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.87189",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.87185",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.872",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.03283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.87205",
                            "published_at": "2026-04-18T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2663"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30802",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30802"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30831",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30831"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30867",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30867"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30875",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30875"
                },
                {
                    "reference_url": "http://secunia.com/advisories/30894",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/30894"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31062",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31062"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31090",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31090"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31181",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31181"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31256",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31256"
                },
                {
                    "reference_url": "http://secunia.com/advisories/31687",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/31687"
                },
                {
                    "reference_url": "http://secunia.com/advisories/33178",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/33178"
                },
                {
                    "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
                },
                {
                    "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43346",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43346"
                },
                {
                    "reference_url": "https://issues.rpath.com/browse/RPL-2626",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://issues.rpath.com/browse/RPL-2626"
                },
                {
                    "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"
                },
                {
                    "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524"
                },
                {
                    "reference_url": "http://support.apple.com/kb/HT2163",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://support.apple.com/kb/HT2163"
                },
                {
                    "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"
                },
                {
                    "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"
                },
                {
                    "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"
                },
                {
                    "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1612",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1612"
                },
                {
                    "reference_url": "http://www.debian.org/security/2008/dsa-1618",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2008/dsa-1618"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"
                },
                {
                    "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"
                },
                {
                    "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html"
                },
                {
                    "reference_url": "http://www.ruby-forum.com/topic/157034",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-forum.com/topic/157034"
                },
                {
                    "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"
                },
                {
                    "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"
                },
                {
                    "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/29903",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/29903"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id?1020347",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id?1020347"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/usn-621-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/usn-621-1"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1907/references"
                },
                {
                    "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.vupen.com/english/advisories/2008/1981/references"
                },
                {
                    "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450825",
                    "reference_id": "450825",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450825"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2663",
                    "reference_id": "CVE-2008-2663",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2663"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/200812-17",
                    "reference_id": "GLSA-200812-17",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/200812-17"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561",
                    "reference_id": "RHSA-2008:0561",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2008:0561"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562",
                    "reference_id": "RHSA-2008:0562",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2008:0562"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/621-1/",
                    "reference_id": "USN-621-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/621-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2008-2663",
                "GHSA-8rh4-h2wx-5jpx",
                "OSV-46551"
            ],
            "risk_score": 4.5,
            "exploitability": "0.5",
            "weighted_severity": "9.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mzqm-gc4w-fbfp"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": "4.5",
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.6"
}

Package Instance