Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
Typeapk
Namespacealpine
Nameruby
Version2.5.5-r0
Qualifiers
arch x86_64
distroversion v3.9
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.5.7-r0
Latest_non_vulnerable_version2.5.8-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-f7x5-hz5f-hyd3
vulnerability_id VCID-f7x5-hz5f-hyd3
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
An issue was discovered in RubyGems. Since `Gem::CommandManager#run` calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8325.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8325.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-8325
reference_id
reference_type
scores
0
value 0.00326
scoring_system epss
scoring_elements 0.55634
published_at 2026-04-16T12:55:00Z
1
value 0.00326
scoring_system epss
scoring_elements 0.55625
published_at 2026-04-09T12:55:00Z
2
value 0.00326
scoring_system epss
scoring_elements 0.55622
published_at 2026-04-08T12:55:00Z
3
value 0.00326
scoring_system epss
scoring_elements 0.55571
published_at 2026-04-07T12:55:00Z
4
value 0.00326
scoring_system epss
scoring_elements 0.55593
published_at 2026-04-04T12:55:00Z
5
value 0.00326
scoring_system epss
scoring_elements 0.55568
published_at 2026-04-02T12:55:00Z
6
value 0.00326
scoring_system epss
scoring_elements 0.55597
published_at 2026-04-13T12:55:00Z
7
value 0.00326
scoring_system epss
scoring_elements 0.55614
published_at 2026-04-12T12:55:00Z
8
value 0.00332
scoring_system epss
scoring_elements 0.55992
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-8325
3
reference_url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8325.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8325.yml
12
reference_url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1692522
reference_id 1692522
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1692522
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
reference_id 925987
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-8325
reference_id CVE-2019-8325
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-8325
16
reference_url https://github.com/advisories/GHSA-4wm8-fjv7-j774
reference_id GHSA-4wm8-fjv7-j774
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4wm8-fjv7-j774
17
reference_url https://access.redhat.com/errata/RHSA-2019:1148
reference_id RHSA-2019:1148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1148
18
reference_url https://access.redhat.com/errata/RHSA-2019:1150
reference_id RHSA-2019:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1150
19
reference_url https://access.redhat.com/errata/RHSA-2019:1235
reference_id RHSA-2019:1235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1235
20
reference_url https://access.redhat.com/errata/RHSA-2020:2769
reference_id RHSA-2020:2769
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2769
21
reference_url https://usn.ubuntu.com/3945-1/
reference_id USN-3945-1
reference_type
scores
url https://usn.ubuntu.com/3945-1/
fixed_packages
0
url pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.5.5-r0%3Farch=x86_64&distroversion=v3.9&reponame=main
aliases CVE-2019-8325, GHSA-4wm8-fjv7-j774
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f7x5-hz5f-hyd3
1
url VCID-ha3g-uyse-wybx
vulnerability_id VCID-ha3g-uyse-wybx
summary 
Injection Vulnerability
An issue was discovered in RubyGems. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8322.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8322.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-8322
reference_id
reference_type
scores
0
value 0.00326
scoring_system epss
scoring_elements 0.55597
published_at 2026-04-13T12:55:00Z
1
value 0.00326
scoring_system epss
scoring_elements 0.55568
published_at 2026-04-02T12:55:00Z
2
value 0.00326
scoring_system epss
scoring_elements 0.55593
published_at 2026-04-04T12:55:00Z
3
value 0.00326
scoring_system epss
scoring_elements 0.55571
published_at 2026-04-07T12:55:00Z
4
value 0.00326
scoring_system epss
scoring_elements 0.55622
published_at 2026-04-08T12:55:00Z
5
value 0.00326
scoring_system epss
scoring_elements 0.55625
published_at 2026-04-09T12:55:00Z
6
value 0.00326
scoring_system epss
scoring_elements 0.55634
published_at 2026-04-16T12:55:00Z
7
value 0.00326
scoring_system epss
scoring_elements 0.55614
published_at 2026-04-12T12:55:00Z
8
value 0.00332
scoring_system epss
scoring_elements 0.55992
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-8322
3
reference_url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8322.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8322.yml
12
reference_url https://hackerone.com/reports/315087
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/315087
13
reference_url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1692516
reference_id 1692516
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1692516
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
reference_id 925987
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-8322
reference_id CVE-2019-8322
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-8322
17
reference_url https://github.com/advisories/GHSA-mh37-8c3g-3fgc
reference_id GHSA-mh37-8c3g-3fgc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mh37-8c3g-3fgc
18
reference_url https://access.redhat.com/errata/RHSA-2019:1148
reference_id RHSA-2019:1148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1148
19
reference_url https://access.redhat.com/errata/RHSA-2019:1150
reference_id RHSA-2019:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1150
20
reference_url https://access.redhat.com/errata/RHSA-2019:1235
reference_id RHSA-2019:1235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1235
21
reference_url https://access.redhat.com/errata/RHSA-2020:2769
reference_id RHSA-2020:2769
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2769
22
reference_url https://usn.ubuntu.com/3945-1/
reference_id USN-3945-1
reference_type
scores
url https://usn.ubuntu.com/3945-1/
fixed_packages
0
url pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.5.5-r0%3Farch=x86_64&distroversion=v3.9&reponame=main
aliases CVE-2019-8322, GHSA-mh37-8c3g-3fgc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ha3g-uyse-wybx
2
url VCID-jkwe-c323-3yez
vulnerability_id VCID-jkwe-c323-3yez
summary 
Argument Injection or Modification
An issue was discovered in RubyGems. Since `Gem::UserInteraction#verbose` calls say without escaping, escape sequence injection is possible.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8321.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8321.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-8321
reference_id
reference_type
scores
0
value 0.00326
scoring_system epss
scoring_elements 0.55634
published_at 2026-04-16T12:55:00Z
1
value 0.00326
scoring_system epss
scoring_elements 0.55625
published_at 2026-04-09T12:55:00Z
2
value 0.00326
scoring_system epss
scoring_elements 0.55622
published_at 2026-04-08T12:55:00Z
3
value 0.00326
scoring_system epss
scoring_elements 0.55571
published_at 2026-04-07T12:55:00Z
4
value 0.00326
scoring_system epss
scoring_elements 0.55593
published_at 2026-04-04T12:55:00Z
5
value 0.00326
scoring_system epss
scoring_elements 0.55568
published_at 2026-04-02T12:55:00Z
6
value 0.00326
scoring_system epss
scoring_elements 0.55597
published_at 2026-04-13T12:55:00Z
7
value 0.00326
scoring_system epss
scoring_elements 0.55614
published_at 2026-04-12T12:55:00Z
8
value 0.00332
scoring_system epss
scoring_elements 0.55992
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-8321
3
reference_url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8321.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8321.yml
12
reference_url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1692514
reference_id 1692514
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1692514
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
reference_id 925987
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-8321
reference_id CVE-2019-8321
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-8321
16
reference_url https://github.com/advisories/GHSA-fr32-gr5c-xq5c
reference_id GHSA-fr32-gr5c-xq5c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fr32-gr5c-xq5c
17
reference_url https://access.redhat.com/errata/RHSA-2019:1148
reference_id RHSA-2019:1148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1148
18
reference_url https://access.redhat.com/errata/RHSA-2019:1150
reference_id RHSA-2019:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1150
19
reference_url https://access.redhat.com/errata/RHSA-2019:1235
reference_id RHSA-2019:1235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1235
20
reference_url https://access.redhat.com/errata/RHSA-2020:2769
reference_id RHSA-2020:2769
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2769
21
reference_url https://usn.ubuntu.com/3945-1/
reference_id USN-3945-1
reference_type
scores
url https://usn.ubuntu.com/3945-1/
fixed_packages
0
url pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.5.5-r0%3Farch=x86_64&distroversion=v3.9&reponame=main
aliases CVE-2019-8321, GHSA-fr32-gr5c-xq5c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jkwe-c323-3yez
3
url VCID-ky5r-bch5-m7dv
vulnerability_id VCID-ky5r-bch5-m7dv
summary 
Injection Vulnerability
An issue was discovered in RubyGems. `Gem::GemcutterUtilities#with_response` may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8323.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8323.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-8323
reference_id
reference_type
scores
0
value 0.00326
scoring_system epss
scoring_elements 0.55597
published_at 2026-04-13T12:55:00Z
1
value 0.00326
scoring_system epss
scoring_elements 0.55568
published_at 2026-04-02T12:55:00Z
2
value 0.00326
scoring_system epss
scoring_elements 0.55593
published_at 2026-04-04T12:55:00Z
3
value 0.00326
scoring_system epss
scoring_elements 0.55571
published_at 2026-04-07T12:55:00Z
4
value 0.00326
scoring_system epss
scoring_elements 0.55622
published_at 2026-04-08T12:55:00Z
5
value 0.00326
scoring_system epss
scoring_elements 0.55625
published_at 2026-04-09T12:55:00Z
6
value 0.00326
scoring_system epss
scoring_elements 0.55634
published_at 2026-04-16T12:55:00Z
7
value 0.00326
scoring_system epss
scoring_elements 0.55614
published_at 2026-04-12T12:55:00Z
8
value 0.00332
scoring_system epss
scoring_elements 0.55992
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-8323
3
reference_url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8323.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8323.yml
12
reference_url https://hackerone.com/reports/315081
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/315081
13
reference_url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1692519
reference_id 1692519
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1692519
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
reference_id 925987
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-8323
reference_id CVE-2019-8323
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-8323
17
reference_url https://github.com/advisories/GHSA-3h4r-pjv6-cph9
reference_id GHSA-3h4r-pjv6-cph9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3h4r-pjv6-cph9
18
reference_url https://access.redhat.com/errata/RHSA-2019:1148
reference_id RHSA-2019:1148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1148
19
reference_url https://access.redhat.com/errata/RHSA-2019:1150
reference_id RHSA-2019:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1150
20
reference_url https://access.redhat.com/errata/RHSA-2019:1235
reference_id RHSA-2019:1235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1235
21
reference_url https://access.redhat.com/errata/RHSA-2020:2769
reference_id RHSA-2020:2769
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2769
22
reference_url https://usn.ubuntu.com/3945-1/
reference_id USN-3945-1
reference_type
scores
url https://usn.ubuntu.com/3945-1/
fixed_packages
0
url pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.5.5-r0%3Farch=x86_64&distroversion=v3.9&reponame=main
aliases CVE-2019-8323, GHSA-3h4r-pjv6-cph9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ky5r-bch5-m7dv
4
url VCID-t78a-dw4s-vqf5
vulnerability_id VCID-t78a-dw4s-vqf5
summary 
Path Traversal
A Directory Traversal issue was discovered in RubyGems. Before making new directories or touching files (which now include path-checking code for symlinks), it would delete the target destination. If that destination was hidden behind a symlink, a malicious gem could delete arbitrary files on the user's machine, presuming the attacker could guess at paths. Given how frequently gem is run as sudo, and how predictable paths are on modern systems (`/tmp`, `/usr`, etc.), this could likely lead to data loss or an unusable system.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
1
reference_url https://access.redhat.com/errata/RHSA-2019:1429
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:1429
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8320.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8320.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-8320
reference_id
reference_type
scores
0
value 0.06309
scoring_system epss
scoring_elements 0.90956
published_at 2026-04-09T12:55:00Z
1
value 0.06309
scoring_system epss
scoring_elements 0.9095
published_at 2026-04-08T12:55:00Z
2
value 0.06309
scoring_system epss
scoring_elements 0.90939
published_at 2026-04-07T12:55:00Z
3
value 0.06309
scoring_system epss
scoring_elements 0.90929
published_at 2026-04-04T12:55:00Z
4
value 0.06309
scoring_system epss
scoring_elements 0.90919
published_at 2026-04-02T12:55:00Z
5
value 0.06309
scoring_system epss
scoring_elements 0.90914
published_at 2026-04-01T12:55:00Z
6
value 0.06309
scoring_system epss
scoring_elements 0.9099
published_at 2026-04-16T12:55:00Z
7
value 0.06309
scoring_system epss
scoring_elements 0.90966
published_at 2026-04-12T12:55:00Z
8
value 0.06309
scoring_system epss
scoring_elements 0.90965
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-8320
4
reference_url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://github.com/rubygems/rubygems
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubygems/rubygems
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8320.yml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8320.yml
14
reference_url https://hackerone.com/reports/317321
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/317321
15
reference_url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1692512
reference_id 1692512
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1692512
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
reference_id 925987
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-8320
reference_id CVE-2019-8320
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-8320
19
reference_url https://github.com/advisories/GHSA-5x32-c9mf-49cc
reference_id GHSA-5x32-c9mf-49cc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5x32-c9mf-49cc
20
reference_url https://access.redhat.com/errata/RHSA-2019:1148
reference_id RHSA-2019:1148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1148
21
reference_url https://access.redhat.com/errata/RHSA-2019:1150
reference_id RHSA-2019:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1150
22
reference_url https://usn.ubuntu.com/3945-1/
reference_id USN-3945-1
reference_type
scores
url https://usn.ubuntu.com/3945-1/
fixed_packages
0
url pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.5.5-r0%3Farch=x86_64&distroversion=v3.9&reponame=main
aliases CVE-2019-8320, GHSA-5x32-c9mf-49cc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t78a-dw4s-vqf5
5
url VCID-xgmc-a5rk-zqag
vulnerability_id VCID-xgmc-a5rk-zqag
summary 
Improper Input Validation
A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is evaluated by `ensure_loadable_spec` during the pre-installation check.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html
1
reference_url https://access.redhat.com/errata/RHSA-2019:1972
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:1972
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8324.json
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8324.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-8324
reference_id
reference_type
scores
0
value 0.00501
scoring_system epss
scoring_elements 0.66018
published_at 2026-04-09T12:55:00Z
1
value 0.00501
scoring_system epss
scoring_elements 0.66006
published_at 2026-04-08T12:55:00Z
2
value 0.00501
scoring_system epss
scoring_elements 0.65955
published_at 2026-04-07T12:55:00Z
3
value 0.00501
scoring_system epss
scoring_elements 0.65989
published_at 2026-04-04T12:55:00Z
4
value 0.00501
scoring_system epss
scoring_elements 0.65959
published_at 2026-04-02T12:55:00Z
5
value 0.00501
scoring_system epss
scoring_elements 0.66029
published_at 2026-04-16T12:55:00Z
6
value 0.00501
scoring_system epss
scoring_elements 0.65994
published_at 2026-04-13T12:55:00Z
7
value 0.00501
scoring_system epss
scoring_elements 0.66024
published_at 2026-04-12T12:55:00Z
8
value 0.00501
scoring_system epss
scoring_elements 0.66037
published_at 2026-04-11T12:55:00Z
9
value 0.00511
scoring_system epss
scoring_elements 0.66346
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-8324
4
reference_url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8324.yml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2019-8324.yml
13
reference_url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1692520
reference_id 1692520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1692520
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
reference_id 925987
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925987
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-8324
reference_id CVE-2019-8324
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-8324
17
reference_url https://github.com/advisories/GHSA-76wm-422q-92mq
reference_id GHSA-76wm-422q-92mq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-76wm-422q-92mq
18
reference_url https://access.redhat.com/errata/RHSA-2019:1148
reference_id RHSA-2019:1148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1148
19
reference_url https://access.redhat.com/errata/RHSA-2019:1150
reference_id RHSA-2019:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1150
20
reference_url https://access.redhat.com/errata/RHSA-2019:1151
reference_id RHSA-2019:1151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1151
21
reference_url https://access.redhat.com/errata/RHSA-2019:1235
reference_id RHSA-2019:1235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1235
22
reference_url https://access.redhat.com/errata/RHSA-2020:2769
reference_id RHSA-2020:2769
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2769
23
reference_url https://usn.ubuntu.com/3945-1/
reference_id USN-3945-1
reference_type
scores
url https://usn.ubuntu.com/3945-1/
fixed_packages
0
url pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/ruby@2.5.5-r0?arch=x86_64&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.5.5-r0%3Farch=x86_64&distroversion=v3.9&reponame=main
aliases CVE-2019-8324, GHSA-76wm-422q-92mq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xgmc-a5rk-zqag
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/ruby@2.5.5-r0%3Farch=x86_64&distroversion=v3.9&reponame=main