Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/568736?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/568736?format=api", "purl": "pkg:gem/nokogiri@1.5", "type": "gem", "namespace": "", "name": "nokogiri", "version": "1.5", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.19.1", "latest_non_vulnerable_version": "1.19.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54838?format=api", "vulnerability_id": "VCID-gxbt-wyyf-1yg8", "summary": "Nokogiri vulnerable to DoS while parsing XML entities\nNokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6461.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6461.json" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2013-6461", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/cve-2013-6461" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83883", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83797", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83881", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83849", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83854", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.8386", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83843", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83837", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83813", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83784", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83812", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02046", "scoring_system": "epss", "scoring_elements": "0.83882", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6461", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6461" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90059", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90059" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2013-6461.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2013-6461.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/DeJpjTAg1FA", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/DeJpjTAg1FA" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6461", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6461" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2013-6461", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2013-6461" }, { "reference_url": "https://web.archive.org/web/20200804224345/https://www.securityfocus.com/bid/64513", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200804224345/https://www.securityfocus.com/bid/64513" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/12/27/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/12/27/2" }, { "reference_url": "http://www.securityfocus.com/bid/64513", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/64513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1046664", "reference_id": "1046664", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1046664" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:subscription_asset_manager:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:subscription_asset_manager:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:subscription_asset_manager:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-jmhh-w7xp-wg39", "reference_id": "GHSA-jmhh-w7xp-wg39", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jmhh-w7xp-wg39" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/82046?format=api", "purl": "pkg:gem/nokogiri@1.5.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22km-jmtd-yyde" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2dje-jsyy-cqbe" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-365e-j8ta-h7cn" }, { "vulnerability": "VCID-3f2w-tgya-x3cc" }, { "vulnerability": "VCID-3n8z-mqjc-6fh9" }, { "vulnerability": "VCID-43qu-922g-myca" }, { "vulnerability": "VCID-64c1-dzhs-u3gj" }, { "vulnerability": "VCID-6r5w-pgkx-v3cb" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8geh-vfns-pfgs" }, { "vulnerability": "VCID-96v6-vs1m-skf3" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9wgc-swf9-z7hq" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-c6hb-sbhx-zqac" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghbk-uumc-dug3" }, { "vulnerability": "VCID-gsar-pymk-43hs" }, { "vulnerability": "VCID-hzjv-gf8n-jka2" }, { "vulnerability": "VCID-jfh3-1sgm-7ug2" }, { "vulnerability": "VCID-jqdg-ebz9-t3e9" }, { "vulnerability": "VCID-m7km-hbm9-23h4" }, { "vulnerability": "VCID-n6za-rwad-tbaq" }, { "vulnerability": "VCID-nq12-ryyt-c7g9" }, { "vulnerability": "VCID-q732-nexj-1ue6" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-snr1-kaug-43aa" }, { "vulnerability": "VCID-sqa5-8yrd-qyfz" }, { "vulnerability": "VCID-sxp3-vtcq-pugw" }, { "vulnerability": "VCID-tdt5-asvh-ryaa" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-txm2-sdc1-7uch" }, { "vulnerability": "VCID-u8gx-xbj9-97c7" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-uf9q-1ds5-wbev" }, { "vulnerability": "VCID-v226-z8ay-sue4" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-vhyk-9tbb-quc3" }, { "vulnerability": "VCID-w8jf-tsmr-g7cd" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-xd6j-x83x-r3gn" }, { "vulnerability": "VCID-y5vb-sn4p-eqd9" }, { "vulnerability": "VCID-yeku-1zjh-kbea" }, { "vulnerability": "VCID-zwzs-qztz-wbfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/nokogiri@1.5.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/82047?format=api", "purl": "pkg:gem/nokogiri@1.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22km-jmtd-yyde" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2dje-jsyy-cqbe" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-365e-j8ta-h7cn" }, { "vulnerability": "VCID-3f2w-tgya-x3cc" }, { "vulnerability": "VCID-3n8z-mqjc-6fh9" }, { "vulnerability": "VCID-43qu-922g-myca" }, { "vulnerability": "VCID-64c1-dzhs-u3gj" }, { "vulnerability": "VCID-64ca-973e-nfgm" }, { "vulnerability": "VCID-6r5w-pgkx-v3cb" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8geh-vfns-pfgs" }, { "vulnerability": "VCID-96v6-vs1m-skf3" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9wgc-swf9-z7hq" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-c6hb-sbhx-zqac" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghbk-uumc-dug3" }, { "vulnerability": "VCID-gsar-pymk-43hs" }, { "vulnerability": "VCID-hzjv-gf8n-jka2" }, { "vulnerability": "VCID-jfh3-1sgm-7ug2" }, { "vulnerability": "VCID-jqdg-ebz9-t3e9" }, { "vulnerability": "VCID-m7km-hbm9-23h4" }, { "vulnerability": "VCID-n6za-rwad-tbaq" }, { "vulnerability": "VCID-nq12-ryyt-c7g9" }, { "vulnerability": "VCID-q732-nexj-1ue6" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-snr1-kaug-43aa" }, { "vulnerability": "VCID-sqa5-8yrd-qyfz" }, { "vulnerability": "VCID-sxp3-vtcq-pugw" }, { "vulnerability": "VCID-tdt5-asvh-ryaa" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-txm2-sdc1-7uch" }, { "vulnerability": "VCID-u8gx-xbj9-97c7" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-uf9q-1ds5-wbev" }, { "vulnerability": "VCID-v226-z8ay-sue4" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-vhyk-9tbb-quc3" }, { "vulnerability": "VCID-w8jf-tsmr-g7cd" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-xd6j-x83x-r3gn" }, { "vulnerability": "VCID-y5vb-sn4p-eqd9" }, { "vulnerability": "VCID-yeku-1zjh-kbea" }, { "vulnerability": "VCID-zwzs-qztz-wbfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/nokogiri@1.6.1" } ], "aliases": [ "CVE-2013-6461", "GHSA-jmhh-w7xp-wg39", "OSV-101458" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gxbt-wyyf-1yg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55015?format=api", "vulnerability_id": "VCID-xvhw-5776-s3fr", "summary": "Nokogiri vulnerable to DoS while parsing XML documents\nNokogiri gem has Denial of Service via infinite loop when parsing XML documents", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6460.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6460.json" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2013-6460", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/cve-2013-6460" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.8544", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.85416", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.8542", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.85355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.85444", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.85421", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.85407", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.85398", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.85376", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.85374", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02521", "scoring_system": "epss", "scoring_elements": "0.85343", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6460" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6460", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6460" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6460", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6460" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90058", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90058" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2013-6460.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2013-6460.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/DeJpjTAg1FA", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/DeJpjTAg1FA" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6460", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6460" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2013-6460", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2013-6460" }, { "reference_url": "https://web.archive.org/web/20200229074427/https://www.securityfocus.com/bid/64513", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200229074427/https://www.securityfocus.com/bid/64513" }, { "reference_url": "https://web.archive.org/web/20200229074427/https://www.securityfocus.com/bid/64513/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20200229074427/https://www.securityfocus.com/bid/64513/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/12/27/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/12/27/2" }, { "reference_url": "http://www.securityfocus.com/bid/64513", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/64513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1046663", "reference_id": "1046663", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1046663" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:subscription_asset_manager:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:subscription_asset_manager:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:subscription_asset_manager:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-62qp-3fxm-9wxf", "reference_id": "GHSA-62qp-3fxm-9wxf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-62qp-3fxm-9wxf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/82046?format=api", "purl": "pkg:gem/nokogiri@1.5.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22km-jmtd-yyde" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2dje-jsyy-cqbe" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-365e-j8ta-h7cn" }, { "vulnerability": "VCID-3f2w-tgya-x3cc" }, { "vulnerability": "VCID-3n8z-mqjc-6fh9" }, { "vulnerability": "VCID-43qu-922g-myca" }, { "vulnerability": "VCID-64c1-dzhs-u3gj" }, { "vulnerability": "VCID-6r5w-pgkx-v3cb" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8geh-vfns-pfgs" }, { "vulnerability": "VCID-96v6-vs1m-skf3" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9wgc-swf9-z7hq" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-c6hb-sbhx-zqac" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghbk-uumc-dug3" }, { "vulnerability": "VCID-gsar-pymk-43hs" }, { "vulnerability": "VCID-hzjv-gf8n-jka2" }, { "vulnerability": "VCID-jfh3-1sgm-7ug2" }, { "vulnerability": "VCID-jqdg-ebz9-t3e9" }, { "vulnerability": "VCID-m7km-hbm9-23h4" }, { "vulnerability": "VCID-n6za-rwad-tbaq" }, { "vulnerability": "VCID-nq12-ryyt-c7g9" }, { "vulnerability": "VCID-q732-nexj-1ue6" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-snr1-kaug-43aa" }, { "vulnerability": "VCID-sqa5-8yrd-qyfz" }, { "vulnerability": "VCID-sxp3-vtcq-pugw" }, { "vulnerability": "VCID-tdt5-asvh-ryaa" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-txm2-sdc1-7uch" }, { "vulnerability": "VCID-u8gx-xbj9-97c7" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-uf9q-1ds5-wbev" }, { "vulnerability": "VCID-v226-z8ay-sue4" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-vhyk-9tbb-quc3" }, { "vulnerability": "VCID-w8jf-tsmr-g7cd" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-xd6j-x83x-r3gn" }, { "vulnerability": "VCID-y5vb-sn4p-eqd9" }, { "vulnerability": "VCID-yeku-1zjh-kbea" }, { "vulnerability": "VCID-zwzs-qztz-wbfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/nokogiri@1.5.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/82047?format=api", "purl": "pkg:gem/nokogiri@1.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22km-jmtd-yyde" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2dje-jsyy-cqbe" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-365e-j8ta-h7cn" }, { "vulnerability": "VCID-3f2w-tgya-x3cc" }, { "vulnerability": "VCID-3n8z-mqjc-6fh9" }, { "vulnerability": "VCID-43qu-922g-myca" }, { "vulnerability": "VCID-64c1-dzhs-u3gj" }, { "vulnerability": "VCID-64ca-973e-nfgm" }, { "vulnerability": "VCID-6r5w-pgkx-v3cb" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8geh-vfns-pfgs" }, { "vulnerability": "VCID-96v6-vs1m-skf3" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9wgc-swf9-z7hq" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-c6hb-sbhx-zqac" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghbk-uumc-dug3" }, { "vulnerability": "VCID-gsar-pymk-43hs" }, { "vulnerability": "VCID-hzjv-gf8n-jka2" }, { "vulnerability": "VCID-jfh3-1sgm-7ug2" }, { "vulnerability": "VCID-jqdg-ebz9-t3e9" }, { "vulnerability": "VCID-m7km-hbm9-23h4" }, { "vulnerability": "VCID-n6za-rwad-tbaq" }, { "vulnerability": "VCID-nq12-ryyt-c7g9" }, { "vulnerability": "VCID-q732-nexj-1ue6" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-snr1-kaug-43aa" }, { "vulnerability": "VCID-sqa5-8yrd-qyfz" }, { "vulnerability": "VCID-sxp3-vtcq-pugw" }, { "vulnerability": "VCID-tdt5-asvh-ryaa" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-txm2-sdc1-7uch" }, { "vulnerability": "VCID-u8gx-xbj9-97c7" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-uf9q-1ds5-wbev" }, { "vulnerability": "VCID-v226-z8ay-sue4" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-vhyk-9tbb-quc3" }, { "vulnerability": "VCID-w8jf-tsmr-g7cd" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-xd6j-x83x-r3gn" }, { "vulnerability": "VCID-y5vb-sn4p-eqd9" }, { "vulnerability": "VCID-yeku-1zjh-kbea" }, { "vulnerability": "VCID-zwzs-qztz-wbfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/nokogiri@1.6.1" } ], "aliases": [ "CVE-2013-6460", "GHSA-62qp-3fxm-9wxf", "OSV-101179" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xvhw-5776-s3fr" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/nokogiri@1.5" }