Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/75581?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "type": "ebuild", "namespace": "dev-lang", "name": "ruby", "version": "1.8.6_p287-r1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.8.6_p369", "latest_non_vulnerable_version": "3.2.2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40990?format=api", "vulnerability_id": "VCID-4yvc-uzev-wua4", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96627", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96594", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96603", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96608", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.29733", "scoring_system": "epss", "scoring_elements": "0.96624", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3655" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31697" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/32372", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32372" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44369" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0895.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30644" }, { "reference_url": "http://www.securitytracker.com/id?1020656", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020656" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458948", "reference_id": "458948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458948" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3655", "reference_id": "CVE-2008-3655", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3655" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb", "reference_id": "CVE-2008-3655;OSVDB-47470", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb", "reference_id": "CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0895", "reference_id": "RHSA-2008:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0896", "reference_id": "RHSA-2008:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-3655", "GHSA-p524-ppf2-w36w" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvc-uzev-wua4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40987?format=api", "vulnerability_id": "VCID-5bte-uex2-f7du", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90922", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90872", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90877", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90887", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90908", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90915", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06265", "scoring_system": "epss", "scoring_elements": "0.90924", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2664" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43348" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450834", "reference_id": "450834", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450834" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2664", "reference_id": "CVE-2008-2664", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2664" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-2664", "GHSA-c4h6-p7gp-39x2", "OSV-46552" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bte-uex2-f7du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31420?format=api", "vulnerability_id": "VCID-8fbf-8fea-27d9", "summary": "Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n spoofing of DNS replies.", "references": [ { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc" }, { "reference_url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html" }, { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" }, { "reference_url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99423", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99422", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99417", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99416", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99419", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.9942", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037" }, { "reference_url": "http://secunia.com/advisories/30925", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30925" }, { "reference_url": "http://secunia.com/advisories/30973", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30973" }, { "reference_url": "http://secunia.com/advisories/30977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30977" }, { "reference_url": "http://secunia.com/advisories/30979", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30979" }, { "reference_url": "http://secunia.com/advisories/30980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30980" }, { "reference_url": "http://secunia.com/advisories/30988", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30988" }, { "reference_url": "http://secunia.com/advisories/30989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30989" }, { "reference_url": "http://secunia.com/advisories/30998", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30998" }, { "reference_url": "http://secunia.com/advisories/31011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31011" }, { "reference_url": "http://secunia.com/advisories/31012", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31012" }, { "reference_url": "http://secunia.com/advisories/31014", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31014" }, { "reference_url": "http://secunia.com/advisories/31019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31019" }, { "reference_url": "http://secunia.com/advisories/31022", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31022" }, { "reference_url": "http://secunia.com/advisories/31030", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31030" }, { "reference_url": "http://secunia.com/advisories/31031", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31031" }, { "reference_url": "http://secunia.com/advisories/31033", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31033" }, { "reference_url": "http://secunia.com/advisories/31052", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31052" }, { "reference_url": "http://secunia.com/advisories/31065", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31065" }, { "reference_url": "http://secunia.com/advisories/31072", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31072" }, { "reference_url": "http://secunia.com/advisories/31093", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31093" }, { "reference_url": "http://secunia.com/advisories/31094", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31094" }, { "reference_url": "http://secunia.com/advisories/31137", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31137" }, { "reference_url": "http://secunia.com/advisories/31143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31143" }, { "reference_url": "http://secunia.com/advisories/31151", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31151" }, { "reference_url": "http://secunia.com/advisories/31152", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31152" }, { "reference_url": "http://secunia.com/advisories/31153", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31153" }, { "reference_url": "http://secunia.com/advisories/31169", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31169" }, { "reference_url": "http://secunia.com/advisories/31197", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31197" }, { "reference_url": "http://secunia.com/advisories/31199", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31199" }, { "reference_url": "http://secunia.com/advisories/31204", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31204" }, { "reference_url": "http://secunia.com/advisories/31207", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31207" }, { "reference_url": "http://secunia.com/advisories/31209", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31209" }, { "reference_url": "http://secunia.com/advisories/31212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31212" }, { "reference_url": "http://secunia.com/advisories/31213", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31213" }, { "reference_url": "http://secunia.com/advisories/31221", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31221" }, { "reference_url": "http://secunia.com/advisories/31236", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31236" }, { "reference_url": "http://secunia.com/advisories/31237", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31237" }, { "reference_url": "http://secunia.com/advisories/31254", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31254" }, { "reference_url": "http://secunia.com/advisories/31326", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31326" }, { "reference_url": "http://secunia.com/advisories/31354", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31354" }, { "reference_url": "http://secunia.com/advisories/31422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31422" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31451", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31451" }, { "reference_url": "http://secunia.com/advisories/31482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31482" }, { "reference_url": "http://secunia.com/advisories/31495", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31495" }, { "reference_url": "http://secunia.com/advisories/31588", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31588" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/31823", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31823" }, { "reference_url": "http://secunia.com/advisories/31882", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31882" }, { "reference_url": "http://secunia.com/advisories/31900", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31900" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/33714", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33714" }, { "reference_url": "http://secunia.com/advisories/33786", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33786" }, { "reference_url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200807-08.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201209-25.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1" }, { "reference_url": "http://support.apple.com/kb/HT3026", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3026" }, { "reference_url": "http://support.apple.com/kb/HT3129", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3129" }, { "reference_url": "http://support.citrix.com/article/CTX117991", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.citrix.com/article/CTX117991" }, { "reference_url": "http://support.citrix.com/article/CTX118183", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.citrix.com/article/CTX118183" }, { "reference_url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152" }, { "reference_url": "https://www.exploit-db.com/exploits/6122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6122" }, { "reference_url": "https://www.exploit-db.com/exploits/6123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6123" }, { "reference_url": "https://www.exploit-db.com/exploits/6130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6130" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018" }, { "reference_url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning" }, { "reference_url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt" }, { "reference_url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt" }, { "reference_url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1603", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1603" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1604", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1604" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1605", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1605" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1619", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1619" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1623" }, { "reference_url": "http://www.doxpara.com/DMK_BO2K8.ppt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.doxpara.com/DMK_BO2K8.ppt" }, { "reference_url": "http://www.doxpara.com/?p=1176", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.doxpara.com/?p=1176" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672" }, { "reference_url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40" }, { "reference_url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php" }, { "reference_url": "http://www.kb.cert.org/vuls/id/800113", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/800113" }, { "reference_url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J" }, { "reference_url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139" }, { "reference_url": "http://www.nominum.com/asset_upload_file741_2661.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.nominum.com/asset_upload_file741_2661.pdf" }, { "reference_url": "http://www.novell.com/support/viewContent.do?externalId=7000912", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/support/viewContent.do?externalId=7000912" }, { "reference_url": "http://www.openbsd.org/errata42.html#013_bind", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/errata42.html#013_bind" }, { "reference_url": "http://www.openbsd.org/errata43.html#004_bind", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/errata43.html#004_bind" }, { "reference_url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog" }, { "reference_url": "http://www.phys.uu.nl/~rombouts/pdnsd.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html" }, { "reference_url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30131", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30131" }, { "reference_url": "http://www.securitytracker.com/id?1020437", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020437" }, { "reference_url": "http://www.securitytracker.com/id?1020438", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020438" }, { "reference_url": "http://www.securitytracker.com/id?1020440", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020440" }, { "reference_url": "http://www.securitytracker.com/id?1020448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020448" }, { "reference_url": "http://www.securitytracker.com/id?1020449", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020449" }, { "reference_url": "http://www.securitytracker.com/id?1020548", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020548" }, { "reference_url": "http://www.securitytracker.com/id?1020558", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020558" }, { "reference_url": "http://www.securitytracker.com/id?1020560", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020560" }, { "reference_url": "http://www.securitytracker.com/id?1020561", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020561" }, { "reference_url": "http://www.securitytracker.com/id?1020575", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020575" }, { "reference_url": "http://www.securitytracker.com/id?1020576", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020576" }, { "reference_url": "http://www.securitytracker.com/id?1020577", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020577" }, { "reference_url": "http://www.securitytracker.com/id?1020578", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020578" }, { "reference_url": "http://www.securitytracker.com/id?1020579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020579" }, { "reference_url": "http://www.securitytracker.com/id?1020651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020651" }, { "reference_url": "http://www.securitytracker.com/id?1020653", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020653" }, { "reference_url": "http://www.securitytracker.com/id?1020702", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020702" }, { "reference_url": "http://www.securitytracker.com/id?1020802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020802" }, { "reference_url": "http://www.securitytracker.com/id?1020804", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020804" }, { "reference_url": "http://www.ubuntu.com/usn/usn-622-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-622-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-627-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-627-1" }, { "reference_url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2019/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2019/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2023/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2023/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2025/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2025/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2029/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2029/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2030/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2030/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2050/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2050/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2051/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2051/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2052/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2052/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2055/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2055/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2092/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2092/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2113/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2113/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2114/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2114/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2123/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2123/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2139/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2139/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2166/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2166/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2195/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2195/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2196/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2196/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2197/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2197/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2268", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2268" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2291", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2291" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2342", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2342" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2377", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2377" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2383", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2383" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2384", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2384" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2467", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2467" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2482" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2525", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2549" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2558", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2582", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2582" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2584", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2584" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0297" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0311", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0311" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0622", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0622" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345", "reference_id": "449345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123", "reference_id": "490123", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465", "reference_id": "492465", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698", "reference_id": "492698", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700", "reference_id": "492700", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599", "reference_id": "493599", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447", "reference_id": "CVE-2008-1447", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447" }, { "reference_url": "https://security.gentoo.org/glsa/200807-08", "reference_id": "GLSA-200807-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200807-08" }, { "reference_url": "https://security.gentoo.org/glsa/200809-02", "reference_id": "GLSA-200809-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200809-02" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://security.gentoo.org/glsa/200901-03", "reference_id": "GLSA-200901-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200901-03" }, { "reference_url": "https://security.gentoo.org/glsa/201209-25", "reference_id": "GLSA-201209-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-25" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0533", "reference_id": "RHSA-2008:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0789", "reference_id": "RHSA-2008:0789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0789" }, { "reference_url": "https://usn.ubuntu.com/622-1/", "reference_id": "USN-622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/622-1/" }, { "reference_url": "https://usn.ubuntu.com/627-1/", "reference_id": "USN-627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/627-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-1447" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbf-8fea-27d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40988?format=api", "vulnerability_id": "VCID-9gp6-pvw1-ufhs", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85315", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85305", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.8532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0249", "scoring_system": "epss", "scoring_elements": "0.85318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86917", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86873", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03164", "scoring_system": "epss", "scoring_elements": "0.86902", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2725" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43350" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451821", "reference_id": "451821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451821" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2725", "reference_id": "CVE-2008-2725", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2725" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-2725", "GHSA-924x-9756-qq8p", "OSV-46553" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gp6-pvw1-ufhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40992?format=api", "vulnerability_id": "VCID-a15m-bcma-vfa7", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3656", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98626", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98611", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98613", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98618", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.9862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.68786", "scoring_system": "epss", "scoring_elements": "0.98625", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3656" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31697" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44371" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3656", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3656" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30644" }, { "reference_url": "http://www.securitytracker.com/id?1020654", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020654" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458953", "reference_id": "458953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458953" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://www.securityfocus.com/bid/30644/info", "reference_id": "CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/30644/info" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb", "reference_id": "CVE-2008-4310;OSVDB-47471;CVE-2008-3656", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-3656", "GHSA-823x-6r7f-v9x6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a15m-bcma-vfa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40989?format=api", "vulnerability_id": "VCID-c9sy-czbr-tfer", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2726", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86145", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86158", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86225", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86182", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86192", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02858", "scoring_system": "epss", "scoring_elements": "0.86206", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2726" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43351" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451828", "reference_id": "451828", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451828" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2726", "reference_id": "CVE-2008-2726", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2726" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-2726", "GHSA-v2mw-g73g-923h", "OSV-46554" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c9sy-czbr-tfer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40993?format=api", "vulnerability_id": "VCID-fw7k-88kf-1kgg", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3657", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.9584", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95804", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95813", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95821", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95823", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95832", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.22517", "scoring_system": "epss", "scoring_elements": "0.95839", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3657" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31697" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44372" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3657", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3657" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495884/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30644" }, { "reference_url": "http://www.securitytracker.com/id?1020652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020652" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458966", "reference_id": "458966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458966" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-3657", "GHSA-5f6v-fgcw-j5px" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fw7k-88kf-1kgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40985?format=api", "vulnerability_id": "VCID-jx79-wpg7-2yaa", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86037", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.85973", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.85985", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86001", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.8602", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.8603", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86044", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02771", "scoring_system": "epss", "scoring_elements": "0.86042", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2662" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43345" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601" }, { "reference_url": "https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450821", "reference_id": "450821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450821" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2662", "reference_id": "CVE-2008-2662", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2662" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-2662", "GHSA-6wwf-x53r-5qqq", "OSV-46550" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jx79-wpg7-2yaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40986?format=api", "vulnerability_id": "VCID-mzqm-gc4w-fbfp", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87185", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.8713", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.8714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87157", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87182", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87195", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03283", "scoring_system": "epss", "scoring_elements": "0.87189", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2663" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/30831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30831" }, { "reference_url": "http://secunia.com/advisories/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30867" }, { "reference_url": "http://secunia.com/advisories/30875", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30875" }, { "reference_url": "http://secunia.com/advisories/30894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30894" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43346" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2626" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities" }, { "reference_url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.ruby-forum.com/topic/157034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-forum.com/topic/157034" }, { "reference_url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/" }, { "reference_url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29903" }, { "reference_url": "http://www.securitytracker.com/id?1020347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020347" }, { "reference_url": "http://www.ubuntu.com/usn/usn-621-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-621-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1907/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1907/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=450825", "reference_id": "450825", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=450825" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2663", "reference_id": "CVE-2008-2663", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2663" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/621-1/", "reference_id": "USN-621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/621-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-2663", "GHSA-8rh4-h2wx-5jpx", "OSV-46551" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mzqm-gc4w-fbfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40984?format=api", "vulnerability_id": "VCID-nsa4-b31c-37g2", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93532", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93549", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93515", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.9354", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11359", "scoring_system": "epss", "scoring_elements": "0.93543", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2376" }, { "reference_url": "http://secunia.com/advisories/30927", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30927" }, { "reference_url": "http://secunia.com/advisories/31006", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31006" }, { "reference_url": "http://secunia.com/advisories/31062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31062" }, { "reference_url": "http://secunia.com/advisories/31090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31090" }, { "reference_url": "http://secunia.com/advisories/31181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31181" }, { "reference_url": "http://secunia.com/advisories/31256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31256" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://issues.rpath.com/browse/RPL-2639", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-2639" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2376", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2376" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863" }, { "reference_url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2008-0218", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0218" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1612", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1612" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1618" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/02/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/02/3" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/494104/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/494104/100/0/threaded" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2584", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2584" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=453589", "reference_id": "453589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453589" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0561", "reference_id": "RHSA-2008:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0562", "reference_id": "RHSA-2008:0562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0562" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-2376", "GHSA-f7wf-fwmg-r7g3" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nsa4-b31c-37g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40996?format=api", "vulnerability_id": "VCID-pegr-f5mh-ekdz", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87007", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87018", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87037", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8703", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.8705", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87057", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87071", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03225", "scoring_system": "epss", "scoring_elements": "0.87065", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3905" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/32948", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32948" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45935" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3905", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3905" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/09/03/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/09/03/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/09/04/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/09/04/9" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/bid/31699", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31699" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=461495", "reference_id": "461495", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=461495" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0896", "reference_id": "RHSA-2008:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-3905", "GHSA-vwcj-mf69-7rfw" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pegr-f5mh-ekdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40995?format=api", "vulnerability_id": "VCID-r8r3-3x8p-ebh5", "summary": "Multiple vulnerabilities have been discovered in Ruby that allow for\n attacks including arbitrary code execution and Denial of Service.", "references": [ { "reference_url": "http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca", "reference_id": "", "reference_type": "", "scores": [], "url": "http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3790.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3790.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96556", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96523", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96537", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96541", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96549", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96551", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.28838", "scoring_system": "epss", "scoring_elements": "0.96554", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3790" }, { "reference_url": "http://secunia.com/advisories/31602", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31602" }, { "reference_url": "http://secunia.com/advisories/32165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32165" }, { "reference_url": "http://secunia.com/advisories/32219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32219" }, { "reference_url": "http://secunia.com/advisories/32255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32255" }, { "reference_url": "http://secunia.com/advisories/32256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32256" }, { "reference_url": "http://secunia.com/advisories/32371", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32371" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/33185", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33185" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44628" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10393", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10393" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml" }, { "reference_url": "http://weblog.rubyonrails.org/2008/9/3/rails-2-0-4-maintenance-release", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2008/9/3/rails-2-0-4-maintenance-release" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1651" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1652", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1652" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/08/25/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/08/25/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/08/26/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/08/26/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/08/26/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/08/26/4" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0897.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/" }, { "reference_url": "http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb" }, { "reference_url": "http://www.securityfocus.com/bid/30802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30802" }, { "reference_url": "http://www.securitytracker.com/id?1020735", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020735" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2428", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2428" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2483", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2483" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=460134", "reference_id": "460134", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=460134" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p287:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p287:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p287:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3790", "reference_id": "CVE-2008-3790", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3790" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32292.rb", "reference_id": "CVE-2008-3790;OSVDB-47753", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32292.rb" }, { "reference_url": "https://www.securityfocus.com/bid/30802/info", "reference_id": "CVE-2008-3790;OSVDB-47753", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/30802/info" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0897", "reference_id": "RHSA-2008:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0897" }, { "reference_url": "https://usn.ubuntu.com/651-1/", "reference_id": "USN-651-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/651-1/" }, { "reference_url": "https://usn.ubuntu.com/691-1/", "reference_id": "USN-691-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/691-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75581?format=api", "purl": "pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" } ], "aliases": [ "CVE-2008-3790", "GHSA-96jc-f6m3-pf2w", "OSV-47753" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8r3-3x8p-ebh5" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1" }