Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/rdoc@3.13
Typegem
Namespace
Namerdoc
Version3.13
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.1.2.1
Latest_non_vulnerable_version6.6.3.1
Affected_by_vulnerabilities
0
url VCID-pb4n-q6u8-syds
vulnerability_id VCID-pb4n-q6u8-syds
summary 
XSS exploit of RDoc documentation generated by rdoc
This exploit may lead to cookie disclosure to third parties. The exploit exists in darkfish.js which is copied from the RDoc install location to the generated documentation. RDoc is a static documentation generation tool. Patching the library itself is insufficient to correct this exploit.
references
0
reference_url http://blog.segment7.net/2013/02/06/rdoc-xss-vulnerability-cve-2013-0256-releases-3-9-5-3-12-1-4-0-0-rc-2
reference_id
reference_type
scores
url http://blog.segment7.net/2013/02/06/rdoc-xss-vulnerability-cve-2013-0256-releases-3-9-5-3-12-1-4-0-0-rc-2
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-02/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-02/msg00048.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0686.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0686.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-0701.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0701.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2013-0728.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0728.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0256.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0256.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0256
reference_id
reference_type
scores
0
value 0.03584
scoring_system epss
scoring_elements 0.87759
published_at 2026-04-21T12:55:00Z
1
value 0.03584
scoring_system epss
scoring_elements 0.87692
published_at 2026-04-01T12:55:00Z
2
value 0.03584
scoring_system epss
scoring_elements 0.87702
published_at 2026-04-02T12:55:00Z
3
value 0.03584
scoring_system epss
scoring_elements 0.87714
published_at 2026-04-04T12:55:00Z
4
value 0.03584
scoring_system epss
scoring_elements 0.87716
published_at 2026-04-07T12:55:00Z
5
value 0.03584
scoring_system epss
scoring_elements 0.87738
published_at 2026-04-08T12:55:00Z
6
value 0.03584
scoring_system epss
scoring_elements 0.87744
published_at 2026-04-09T12:55:00Z
7
value 0.03584
scoring_system epss
scoring_elements 0.87755
published_at 2026-04-11T12:55:00Z
8
value 0.03584
scoring_system epss
scoring_elements 0.87749
published_at 2026-04-12T12:55:00Z
9
value 0.03584
scoring_system epss
scoring_elements 0.87747
published_at 2026-04-13T12:55:00Z
10
value 0.03584
scoring_system epss
scoring_elements 0.87761
published_at 2026-04-16T12:55:00Z
11
value 0.03584
scoring_system epss
scoring_elements 0.8776
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0256
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=907820
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=907820
10
reference_url http://secunia.com/advisories/52774
reference_id
reference_type
scores
url http://secunia.com/advisories/52774
11
reference_url https://github.com/advisories/GHSA-v2r9-c84j-v7xm
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v2r9-c84j-v7xm
12
reference_url https://github.com/rdoc/rdoc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rdoc/rdoc
13
reference_url https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60
14
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rdoc/CVE-2013-0256.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rdoc/CVE-2013-0256.yml
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0256
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0256
16
reference_url https://web.archive.org/web/20130402173730/http://blog.segment7.net:80/2013/02/06/rdoc-xss-vulnerability-cve-2013-0256-releases-3-9-5-3-12-1-4-0-0-rc-2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130402173730/http://blog.segment7.net:80/2013/02/06/rdoc-xss-vulnerability-cve-2013-0256-releases-3-9-5-3-12-1-4-0-0-rc-2
17
reference_url http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256
18
reference_url http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/
reference_id
reference_type
scores
url http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/
19
reference_url http://www.ubuntu.com/usn/USN-1733-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1733-1
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:rdoc:4.0.0:preview2:*:*:*:ruby:*:*
reference_id cpe:2.3:a:ruby-lang:rdoc:4.0.0:preview2:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:rdoc:4.0.0:preview2:*:*:*:ruby:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:rdoc:*:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:ruby-lang:rdoc:*:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:rdoc:*:*:*:*:*:ruby:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
37
reference_url https://github.com/rdoc/rdoc/blob/master/CVE-2013-0256.rdoc
reference_id CVE-2013-0256.RDOC
reference_type
scores
url https://github.com/rdoc/rdoc/blob/master/CVE-2013-0256.rdoc
38
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
39
reference_url https://access.redhat.com/errata/RHSA-2013:0701
reference_id RHSA-2013:0701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0701
40
reference_url https://access.redhat.com/errata/RHSA-2013:0728
reference_id RHSA-2013:0728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0728
41
reference_url https://usn.ubuntu.com/1733-1/
reference_id USN-1733-1
reference_type
scores
url https://usn.ubuntu.com/1733-1/
fixed_packages
0
url pkg:gem/rdoc@4.0.0.rc.2
purl pkg:gem/rdoc@4.0.0.rc.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3s9f-prpy-hbcx
1
vulnerability VCID-a1z8-2fdu-1uhd
2
vulnerability VCID-tmjp-8edk-nyh3
3
vulnerability VCID-xdph-4cg9-6qah
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rdoc@4.0.0.rc.2
aliases CVE-2013-0256, GHSA-v2r9-c84j-v7xm, OSV-90004
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pb4n-q6u8-syds
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/rdoc@3.13