Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rubygem-nokogiri@1.5.0-0.9.beta4?arch=el6cf
Typerpm
Namespaceredhat
Namerubygem-nokogiri
Version1.5.0-0.9.beta4
Qualifiers
arch el6cf
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-3had-cag4-77bm
vulnerability_id VCID-3had-cag4-77bm
summary Candlepin: bootstrap RPM deploys CA certificate file with mode 666
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6116.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6116.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6116
reference_id
reference_type
scores
0
value 0.0007
scoring_system epss
scoring_elements 0.216
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6116
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=906207
reference_id 906207
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=906207
3
reference_url https://access.redhat.com/errata/RHSA-2013:0547
reference_id RHSA-2013:0547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0547
4
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
fixed_packages
aliases CVE-2012-6116
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3had-cag4-77bm
1
url VCID-4u64-j7gm-5ke9
vulnerability_id VCID-4u64-j7gm-5ke9
summary 
Uncontrolled Resource Consumption
lib/rack/multipart.rb in Rack  uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header.
references
0
reference_url http://rack.github.com/
reference_id
reference_type
scores
url http://rack.github.com/
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
3
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json
5
reference_url https://access.redhat.com/security/cve/CVE-2012-6109
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-6109
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6109
reference_id
reference_type
scores
0
value 0.00828
scoring_system epss
scoring_elements 0.74868
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6109
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=895277
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=895277
8
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
9
reference_url https://github.com/rack/rack/blob/master/README.rdoc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/blob/master/README.rdoc
10
reference_url https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml
12
reference_url https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
13
reference_url https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
14
reference_url https://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2013-0544.html
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
reference_id 698440
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6109
reference_id CVE-2012-6109
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-6109
17
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
fixed_packages
aliases CVE-2012-6109, GHSA-h77x-m5q8-c29h, OSV-89317
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4u64-j7gm-5ke9
2
url VCID-5hc5-epr4-1qh6
vulnerability_id VCID-5hc5-epr4-1qh6
summary Katello: Notifications page Username XSS
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1823.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1823.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1823
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.51389
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1823
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=918784
reference_id 918784
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=918784
3
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
fixed_packages
aliases CVE-2013-1823
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5hc5-epr4-1qh6
3
url VCID-6yf4-8k7v-p7d7
vulnerability_id VCID-6yf4-8k7v-p7d7
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
multipart/parser.rb in Rack allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
1
reference_url http://rack.github.com
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rack.github.com
2
reference_url http://rack.github.com/
reference_id
reference_type
scores
url http://rack.github.com/
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
5
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json
7
reference_url https://access.redhat.com/security/cve/CVE-2013-0183
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-0183
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0183
reference_id
reference_type
scores
0
value 0.01824
scoring_system epss
scoring_elements 0.83229
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0183
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=895282
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=895282
10
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
11
reference_url https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff
12
reference_url https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml
14
reference_url https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs
15
reference_url https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI
16
reference_url https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs
17
reference_url https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI
18
reference_url http://www.debian.org/security/2013/dsa-2783
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2783
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
reference_id 698440
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0183
reference_id CVE-2013-0183
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0183
21
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
fixed_packages
aliases CVE-2013-0183, GHSA-3pxh-h8hw-mj8w, OSV-89320
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6yf4-8k7v-p7d7
4
url VCID-6z58-b8tk-pbgy
vulnerability_id VCID-6z58-b8tk-pbgy
summary aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4462.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4462.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4462
reference_id
reference_type
scores
0
value 0.00686
scoring_system epss
scoring_elements 0.72107
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4462
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=860850
reference_id 860850
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=860850
3
reference_url https://access.redhat.com/errata/RHSA-2013:0564
reference_id RHSA-2013:0564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0564
4
reference_url https://access.redhat.com/errata/RHSA-2013:0565
reference_id RHSA-2013:0565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0565
fixed_packages
aliases CVE-2012-4462
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6z58-b8tk-pbgy
5
url VCID-ac75-ed1t-euc4
vulnerability_id VCID-ac75-ed1t-euc4
summary 
XSS exploit of RDoc documentation generated by rdoc
This exploit may lead to cookie disclosure to third parties. The exploit exists in darkfish.js which is copied from the RDoc install location to the generated documentation. RDoc is a static documentation generation tool. Patching the library itself is insufficient to correct this exploit.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-02/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-02/msg00048.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0686.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0686.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-0701.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0701.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0728.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0728.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0256.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0256.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0256
reference_id
reference_type
scores
0
value 0.02671
scoring_system epss
scoring_elements 0.86094
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0256
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=907820
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=907820
8
reference_url https://github.com/advisories/GHSA-v2r9-c84j-v7xm
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v2r9-c84j-v7xm
9
reference_url https://github.com/rdoc/rdoc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rdoc/rdoc
10
reference_url https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rdoc/CVE-2013-0256.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rdoc/CVE-2013-0256.yml
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0256
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0256
13
reference_url https://web.archive.org/web/20130402173730/http://blog.segment7.net:80/2013/02/06/rdoc-xss-vulnerability-cve-2013-0256-releases-3-9-5-3-12-1-4-0-0-rc-2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130402173730/http://blog.segment7.net:80/2013/02/06/rdoc-xss-vulnerability-cve-2013-0256-releases-3-9-5-3-12-1-4-0-0-rc-2
14
reference_url http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256
15
reference_url http://www.ubuntu.com/usn/USN-1733-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1733-1
16
reference_url https://github.com/rdoc/rdoc/blob/master/CVE-2013-0256.rdoc
reference_id CVE-2013-0256.RDOC
reference_type
scores
url https://github.com/rdoc/rdoc/blob/master/CVE-2013-0256.rdoc
17
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
18
reference_url https://access.redhat.com/errata/RHSA-2013:0701
reference_id RHSA-2013:0701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0701
19
reference_url https://access.redhat.com/errata/RHSA-2013:0728
reference_id RHSA-2013:0728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0728
fixed_packages
aliases CVE-2013-0256, GHSA-v2r9-c84j-v7xm, OSV-90004
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ac75-ed1t-euc4
6
url VCID-b9hw-gxbc-mkfy
vulnerability_id VCID-b9hw-gxbc-mkfy
summary 
Denial of Service and SQL Injection
This package allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka.
references
0
reference_url http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00001.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00001.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00034.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00034.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-0686.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0686.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-0701.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0701.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2013-1028.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1028.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2013-1147.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1147.html
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0269.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0269.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0269
reference_id
reference_type
scores
0
value 0.17317
scoring_system epss
scoring_elements 0.95165
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0269
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0269
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0269
11
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/82010
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/82010
12
reference_url https://github.com/flori/json
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/flori/json
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/json/CVE-2013-0269.yml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/json/CVE-2013-0269.yml
14
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_YvCpLzL58
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_YvCpLzL58
15
reference_url https://groups.google.com/group/rubyonrails-security/msg/d8e0db6e08c81428?dmode=source&output=gplain
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/d8e0db6e08c81428?dmode=source&output=gplain
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0269
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0269
17
reference_url https://web.archive.org/web/20130228082541/http://www.securityfocus.com/bid/57899
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130228082541/http://www.securityfocus.com/bid/57899
18
reference_url https://web.archive.org/web/20160331131233/http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160331131233/http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed
19
reference_url https://web.archive.org/web/20160808163226/https://puppet.com/security/cve/cve-2013-0269
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160808163226/https://puppet.com/security/cve/cve-2013-0269
20
reference_url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released
21
reference_url http://www.openwall.com/lists/oss-security/2013/02/11/7
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/11/7
22
reference_url http://www.openwall.com/lists/oss-security/2013/02/11/8
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/11/8
23
reference_url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.426862
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.426862
24
reference_url http://www.ubuntu.com/usn/USN-1733-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1733-1
25
reference_url http://www.zweitag.de/en/blog/ruby-on-rails-vulnerable-to-mass-assignment-and-sql-injection
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.zweitag.de/en/blog/ruby-on-rails-vulnerable-to-mass-assignment-and-sql-injection
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700436
reference_id 700436
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700436
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=909029
reference_id 909029
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=909029
28
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
29
reference_url https://access.redhat.com/errata/RHSA-2013:0701
reference_id RHSA-2013:0701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0701
30
reference_url https://access.redhat.com/errata/RHSA-2013:1028
reference_id RHSA-2013:1028
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1028
31
reference_url https://access.redhat.com/errata/RHSA-2013:1147
reference_id RHSA-2013:1147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1147
32
reference_url https://access.redhat.com/errata/RHSA-2013:1185
reference_id RHSA-2013:1185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1185
fixed_packages
aliases CVE-2013-0269, GHSA-x457-cw4h-hq5f, OSV-101137
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b9hw-gxbc-mkfy
7
url VCID-gq4p-3kvj-3kaq
vulnerability_id VCID-gq4p-3kvj-3kaq
summary 
Incorrect temporary file usage
The ruby_parser Gem does not create temporary files securely. In the `diff_pp` function contained in `lib/gauntlet_rubyparser.rb` function, it creates files as `/tmp/a.[pid]` and `/tmp/b.[pid]` which can be predicted and used for either a denial of service (file cannot be overwritten), or to change the contents of files that are writable.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
2
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
3
reference_url https://access.redhat.com/errata/RHSA-2013:0582
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0582
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0162.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0162.json
5
reference_url https://access.redhat.com/security/cve/CVE-2013-0162
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-0162
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0162
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35093
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0162
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=892806
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=892806
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby_parser/CVE-2013-0162.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby_parser/CVE-2013-0162.yml
9
reference_url https://github.com/seattlerb/ruby_parser
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/seattlerb/ruby_parser
10
reference_url https://github.com/seattlerb/ruby_parser/commit/506c7e13cff6f8715385fa8488b621028b4ad280
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/seattlerb/ruby_parser/commit/506c7e13cff6f8715385fa8488b621028b4ad280
11
reference_url https://github.com/seattlerb/ruby_parser/commit/c35acd878d50a8e4ea35933e3fbdc493421d422c
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/seattlerb/ruby_parser/commit/c35acd878d50a8e4ea35933e3fbdc493421d422c
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0162
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0162
fixed_packages
aliases CVE-2013-0162, GHSA-8mvw-22r7-w6fq, OSV-90561
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gq4p-3kvj-3kaq
8
url VCID-kree-2cyw-duh8
vulnerability_id VCID-kree-2cyw-duh8
summary 
Uncontrolled Resource Consumption
Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack  allows remote attackers to cause a denial of service via unknown vectors related to "symbolized arbitrary strings."
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
3
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
4
reference_url https://access.redhat.com/errata/RHSA-2013:0548
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0548
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json
6
reference_url https://access.redhat.com/security/cve/CVE-2013-0184
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-0184
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0184
reference_id
reference_type
scores
0
value 0.00677
scoring_system epss
scoring_elements 0.71915
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0184
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=895384
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=895384
9
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
10
reference_url https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d
11
reference_url http://www.debian.org/security/2013/dsa-2783
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2783
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
reference_id 698440
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0184
reference_id CVE-2013-0184
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0184
14
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
fixed_packages
aliases CVE-2013-0184, GHSA-v882-ccj6-jc48, OSV-89327
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kree-2cyw-duh8
9
url VCID-p1vs-r2k3-53g7
vulnerability_id VCID-p1vs-r2k3-53g7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6119.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6119.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6119
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.18033
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6119
2
reference_url https://github.com/candlepin/candlepin/commit/f4d93230e58b969c506b4c9778e04482a059b08c
reference_id
reference_type
scores
url https://github.com/candlepin/candlepin/commit/f4d93230e58b969c506b4c9778e04482a059b08c
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=908613
reference_id 908613
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=908613
4
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
fixed_packages
aliases CVE-2012-6119
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1vs-r2k3-53g7
10
url VCID-sb81-8nm8-dudw
vulnerability_id VCID-sb81-8nm8-dudw
summary 
Circumvention of attr_protected
The attr_protected method allows developers to specify a denylist of model attributes which users should not be allowed to assign to. By using a specially crafted request, attackers could circumvent this protection and alter values that were meant to be protected.
references
0
reference_url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0686.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0686.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0276.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0276.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0276
reference_id
reference_type
scores
0
value 0.00606
scoring_system epss
scoring_elements 0.70033
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0276
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0276.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2013-0276.yml
6
reference_url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/AFBKNY7VSH8
reference_id
reference_type
scores
url https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/AFBKNY7VSH8
7
reference_url https://groups.google.com/group/rubyonrails-security/msg/bb44b98a73ef1a06?dmode=source&output=gplain
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/group/rubyonrails-security/msg/bb44b98a73ef1a06?dmode=source&output=gplain
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0276
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0276
9
reference_url http://support.apple.com/kb/HT5784
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT5784
10
reference_url https://web.archive.org/web/20130217055442/http://www.securityfocus.com/bid/57896
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130217055442/http://www.securityfocus.com/bid/57896
11
reference_url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/2/11/SEC-ANN-Rails-3-2-12-3-1-11-and-2-3-17-have-been-released
12
reference_url http://www.debian.org/security/2013/dsa-2620
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2620
13
reference_url http://www.openwall.com/lists/oss-security/2013/02/11/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/02/11/5
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=909528
reference_id 909528
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=909528
15
reference_url https://security.gentoo.org/glsa/201412-28
reference_id GLSA-201412-28
reference_type
scores
url https://security.gentoo.org/glsa/201412-28
16
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
fixed_packages
aliases CVE-2013-0276, GHSA-gr44-7grc-37vq, OSV-90072
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sb81-8nm8-dudw
11
url VCID-w1cf-9x6v-pyhw
vulnerability_id VCID-w1cf-9x6v-pyhw
summary 
Timing attack against Rack::Session::Cookie
Affected versions allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving am HMAC comparison function that does not run in constant time.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
1
reference_url http://rack.github.com/
reference_id
reference_type
scores
url http://rack.github.com/
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0686.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0686.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0263
reference_id
reference_type
scores
0
value 0.16071
scoring_system epss
scoring_elements 0.94909
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0263
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=909071
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=909071
6
reference_url https://gist.github.com/codahale/f9f3781f7b54985bee94
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gist.github.com/codahale/f9f3781f7b54985bee94
7
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
8
reference_url https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07
9
reference_url https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11
10
reference_url https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J
11
reference_url https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ
12
reference_url https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ
13
reference_url https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ
14
reference_url https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0263
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0263
16
reference_url http://www.debian.org/security/2013/dsa-2783
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2783
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226
reference_id 700226
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226
18
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
19
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
fixed_packages
aliases CVE-2013-0263, GHSA-xc85-32mf-xpv8, OSV-89939
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w1cf-9x6v-pyhw
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-nokogiri@1.5.0-0.9.beta4%3Farch=el6cf