Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/rack@1.2
Typegem
Namespace
Namerack
Version1.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.2.23
Latest_non_vulnerable_version3.2.6
Affected_by_vulnerabilities
0
url VCID-4u64-j7gm-5ke9
vulnerability_id VCID-4u64-j7gm-5ke9
summary 
Uncontrolled Resource Consumption
lib/rack/multipart.rb in Rack  uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header.
references
0
reference_url http://rack.github.com/
reference_id
reference_type
scores
url http://rack.github.com/
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
3
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json
5
reference_url https://access.redhat.com/security/cve/CVE-2012-6109
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-6109
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6109
reference_id
reference_type
scores
0
value 0.00828
scoring_system epss
scoring_elements 0.74894
published_at 2026-06-07T12:55:00Z
1
value 0.00828
scoring_system epss
scoring_elements 0.74868
published_at 2026-06-04T12:55:00Z
2
value 0.00828
scoring_system epss
scoring_elements 0.74878
published_at 2026-06-08T12:55:00Z
3
value 0.00828
scoring_system epss
scoring_elements 0.74902
published_at 2026-06-06T12:55:00Z
4
value 0.00828
scoring_system epss
scoring_elements 0.74897
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6109
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=895277
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=895277
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
9
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
10
reference_url https://github.com/rack/rack/blob/master/README.rdoc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/blob/master/README.rdoc
11
reference_url https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml
13
reference_url https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
14
reference_url https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
15
reference_url https://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2013-0544.html
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
reference_id 698440
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6109
reference_id CVE-2012-6109
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-6109
18
reference_url https://github.com/advisories/GHSA-h77x-m5q8-c29h
reference_id GHSA-h77x-m5q8-c29h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h77x-m5q8-c29h
19
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
fixed_packages
0
url pkg:gem/rack@1.2.6
purl pkg:gem/rack@1.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-7cef-z5qm-afd8
9
vulnerability VCID-a8x9-j9b3-jycb
10
vulnerability VCID-amfu-8d25-juhy
11
vulnerability VCID-bj83-rx84-v3g9
12
vulnerability VCID-bqpn-m2fh-9kab
13
vulnerability VCID-c9mc-7nts-cfgy
14
vulnerability VCID-csrd-u9cz-u7ak
15
vulnerability VCID-dss4-6ptr-83av
16
vulnerability VCID-e11g-k7zm-vkhu
17
vulnerability VCID-e8ab-9br9-6ybt
18
vulnerability VCID-ebb6-b5tx-5bhf
19
vulnerability VCID-ewfc-rx8b-jfc4
20
vulnerability VCID-h8af-h199-qqfz
21
vulnerability VCID-heu4-cd3d-73ck
22
vulnerability VCID-huph-y2xr-g3dk
23
vulnerability VCID-jpkw-epb8-f7et
24
vulnerability VCID-k8fr-zuyx-yyhg
25
vulnerability VCID-kd2v-rt9y-uqh7
26
vulnerability VCID-kree-2cyw-duh8
27
vulnerability VCID-n1sj-dwab-j3ca
28
vulnerability VCID-p1cf-naeh-bbgx
29
vulnerability VCID-p3dy-qbad-q3ab
30
vulnerability VCID-r1hk-cy5k-9kad
31
vulnerability VCID-rr79-famc-37a8
32
vulnerability VCID-tc69-2tad-43cv
33
vulnerability VCID-uh69-24kx-xucy
34
vulnerability VCID-vk15-7qdb-xkh9
35
vulnerability VCID-w1cf-9x6v-pyhw
36
vulnerability VCID-x373-rhh4-7khm
37
vulnerability VCID-xpa3-1n87-8ucv
38
vulnerability VCID-y6nj-8y3j-hbfw
39
vulnerability VCID-yq3g-ykeu-pfbp
40
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.2.6
1
url pkg:gem/rack@1.3.0.beta
purl pkg:gem/rack@1.3.0.beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-6yf4-8k7v-p7d7
9
vulnerability VCID-7cef-z5qm-afd8
10
vulnerability VCID-a8x9-j9b3-jycb
11
vulnerability VCID-amfu-8d25-juhy
12
vulnerability VCID-bj83-rx84-v3g9
13
vulnerability VCID-bqpn-m2fh-9kab
14
vulnerability VCID-c9mc-7nts-cfgy
15
vulnerability VCID-csrd-u9cz-u7ak
16
vulnerability VCID-dss4-6ptr-83av
17
vulnerability VCID-e11g-k7zm-vkhu
18
vulnerability VCID-e8ab-9br9-6ybt
19
vulnerability VCID-ebb6-b5tx-5bhf
20
vulnerability VCID-ewfc-rx8b-jfc4
21
vulnerability VCID-h8af-h199-qqfz
22
vulnerability VCID-heu4-cd3d-73ck
23
vulnerability VCID-huph-y2xr-g3dk
24
vulnerability VCID-hxfx-e71r-9ye8
25
vulnerability VCID-jpkw-epb8-f7et
26
vulnerability VCID-k8fr-zuyx-yyhg
27
vulnerability VCID-kd2v-rt9y-uqh7
28
vulnerability VCID-kree-2cyw-duh8
29
vulnerability VCID-n1sj-dwab-j3ca
30
vulnerability VCID-p1cf-naeh-bbgx
31
vulnerability VCID-p3dy-qbad-q3ab
32
vulnerability VCID-r1hk-cy5k-9kad
33
vulnerability VCID-rr79-famc-37a8
34
vulnerability VCID-tc69-2tad-43cv
35
vulnerability VCID-uh69-24kx-xucy
36
vulnerability VCID-vk15-7qdb-xkh9
37
vulnerability VCID-w1cf-9x6v-pyhw
38
vulnerability VCID-x373-rhh4-7khm
39
vulnerability VCID-xpa3-1n87-8ucv
40
vulnerability VCID-y6nj-8y3j-hbfw
41
vulnerability VCID-yq3g-ykeu-pfbp
42
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.3.0.beta
2
url pkg:gem/rack@1.3.7
purl pkg:gem/rack@1.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-6yf4-8k7v-p7d7
9
vulnerability VCID-7cef-z5qm-afd8
10
vulnerability VCID-a8x9-j9b3-jycb
11
vulnerability VCID-amfu-8d25-juhy
12
vulnerability VCID-bj83-rx84-v3g9
13
vulnerability VCID-bqpn-m2fh-9kab
14
vulnerability VCID-c9mc-7nts-cfgy
15
vulnerability VCID-csrd-u9cz-u7ak
16
vulnerability VCID-dss4-6ptr-83av
17
vulnerability VCID-e11g-k7zm-vkhu
18
vulnerability VCID-e8ab-9br9-6ybt
19
vulnerability VCID-ebb6-b5tx-5bhf
20
vulnerability VCID-ewfc-rx8b-jfc4
21
vulnerability VCID-h8af-h199-qqfz
22
vulnerability VCID-heu4-cd3d-73ck
23
vulnerability VCID-huph-y2xr-g3dk
24
vulnerability VCID-jpkw-epb8-f7et
25
vulnerability VCID-k8fr-zuyx-yyhg
26
vulnerability VCID-kd2v-rt9y-uqh7
27
vulnerability VCID-kree-2cyw-duh8
28
vulnerability VCID-n1sj-dwab-j3ca
29
vulnerability VCID-p1cf-naeh-bbgx
30
vulnerability VCID-p3dy-qbad-q3ab
31
vulnerability VCID-r1hk-cy5k-9kad
32
vulnerability VCID-rr79-famc-37a8
33
vulnerability VCID-tc69-2tad-43cv
34
vulnerability VCID-uh69-24kx-xucy
35
vulnerability VCID-vk15-7qdb-xkh9
36
vulnerability VCID-w1cf-9x6v-pyhw
37
vulnerability VCID-x373-rhh4-7khm
38
vulnerability VCID-xpa3-1n87-8ucv
39
vulnerability VCID-y6nj-8y3j-hbfw
40
vulnerability VCID-yq3g-ykeu-pfbp
41
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.3.7
3
url pkg:gem/rack@1.4.2
purl pkg:gem/rack@1.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-52qe-dast-tkhu
5
vulnerability VCID-6dhj-xgsb-nkhd
6
vulnerability VCID-6ydb-e746-vbd8
7
vulnerability VCID-6yf4-8k7v-p7d7
8
vulnerability VCID-7cef-z5qm-afd8
9
vulnerability VCID-a8x9-j9b3-jycb
10
vulnerability VCID-amfu-8d25-juhy
11
vulnerability VCID-bj83-rx84-v3g9
12
vulnerability VCID-bqpn-m2fh-9kab
13
vulnerability VCID-c9mc-7nts-cfgy
14
vulnerability VCID-csrd-u9cz-u7ak
15
vulnerability VCID-dss4-6ptr-83av
16
vulnerability VCID-e11g-k7zm-vkhu
17
vulnerability VCID-e8ab-9br9-6ybt
18
vulnerability VCID-ebb6-b5tx-5bhf
19
vulnerability VCID-ewfc-rx8b-jfc4
20
vulnerability VCID-h8af-h199-qqfz
21
vulnerability VCID-heu4-cd3d-73ck
22
vulnerability VCID-huph-y2xr-g3dk
23
vulnerability VCID-jpkw-epb8-f7et
24
vulnerability VCID-k8fr-zuyx-yyhg
25
vulnerability VCID-kd2v-rt9y-uqh7
26
vulnerability VCID-kree-2cyw-duh8
27
vulnerability VCID-n1sj-dwab-j3ca
28
vulnerability VCID-p1cf-naeh-bbgx
29
vulnerability VCID-p3dy-qbad-q3ab
30
vulnerability VCID-r1hk-cy5k-9kad
31
vulnerability VCID-rr79-famc-37a8
32
vulnerability VCID-tc69-2tad-43cv
33
vulnerability VCID-uh69-24kx-xucy
34
vulnerability VCID-vk15-7qdb-xkh9
35
vulnerability VCID-w1cf-9x6v-pyhw
36
vulnerability VCID-x373-rhh4-7khm
37
vulnerability VCID-xpa3-1n87-8ucv
38
vulnerability VCID-y6nj-8y3j-hbfw
39
vulnerability VCID-yq3g-ykeu-pfbp
40
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.4.2
aliases CVE-2012-6109, GHSA-h77x-m5q8-c29h, OSV-89317
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4u64-j7gm-5ke9
1
url VCID-a8x9-j9b3-jycb
vulnerability_id VCID-a8x9-j9b3-jycb
summary 
Denial of Service Vulnerability in Rack Multipart Parsing
There is a possible denial of service vulnerability in the multipart parsing
component of Rack.  This vulnerability has been assigned the CVE identifier
CVE-2022-30122.

Versions Affected:  >= 1.2
Not affected:       < 1.2
Fixed Versions:     2.0.9.1, 2.1.4.1, 2.2.3.1

## Impact
Carefully crafted multipart POST requests can cause Rack's multipart parser to
take much longer than expected, leading to a possible denial of service
vulnerability.

Impacted code will use Rack's multipart parser to parse multipart posts.  This
includes directly using the multipart parser like this:

```
params = Rack::Multipart.parse_multipart(env)
```

But it also includes reading POST data from a Rack request object like this:

```
p request.POST # read POST data
p request.params # reads both query params and POST data
```

All users running an affected release should either upgrade or use one of the
workarounds immediately.

## Workarounds
There are no feasible workarounds for this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30122.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30122
reference_id
reference_type
scores
0
value 0.01042
scoring_system epss
scoring_elements 0.77801
published_at 2026-06-04T12:55:00Z
1
value 0.01042
scoring_system epss
scoring_elements 0.77816
published_at 2026-06-08T12:55:00Z
2
value 0.01042
scoring_system epss
scoring_elements 0.77826
published_at 2026-06-07T12:55:00Z
3
value 0.01042
scoring_system epss
scoring_elements 0.77835
published_at 2026-06-06T12:55:00Z
4
value 0.01042
scoring_system epss
scoring_elements 0.77829
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30122
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539
9
reference_url https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-13T16:09:46Z/
url https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30122.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30122.yml
13
reference_url https://groups.google.com/g/ruby-security-ann/c/L2Axto442qk
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/ruby-security-ann/c/L2Axto442qk
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30122
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30122
15
reference_url https://security.gentoo.org/glsa/202310-18
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-13T16:09:46Z/
url https://security.gentoo.org/glsa/202310-18
16
reference_url https://security.netapp.com/advisory/ntap-20231208-0012
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231208-0012
17
reference_url https://www.debian.org/security/2023/dsa-5530
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-13T16:09:46Z/
url https://www.debian.org/security/2023/dsa-5530
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2099519
reference_id 2099519
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2099519
19
reference_url https://github.com/advisories/GHSA-hxqx-xwvh-44m2
reference_id GHSA-hxqx-xwvh-44m2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hxqx-xwvh-44m2
20
reference_url https://security.netapp.com/advisory/ntap-20231208-0012/
reference_id ntap-20231208-0012
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-13T16:09:46Z/
url https://security.netapp.com/advisory/ntap-20231208-0012/
21
reference_url https://access.redhat.com/errata/RHSA-2022:7242
reference_id RHSA-2022:7242
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7242
22
reference_url https://access.redhat.com/errata/RHSA-2023:1486
reference_id RHSA-2023:1486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1486
23
reference_url https://usn.ubuntu.com/5896-1/
reference_id USN-5896-1
reference_type
scores
url https://usn.ubuntu.com/5896-1/
24
reference_url https://usn.ubuntu.com/7036-1/
reference_id USN-7036-1
reference_type
scores
url https://usn.ubuntu.com/7036-1/
25
reference_url https://usn.ubuntu.com/USN-5253-1/
reference_id USN-USN-5253-1
reference_type
scores
url https://usn.ubuntu.com/USN-5253-1/
fixed_packages
0
url pkg:gem/rack@2.0.9.1
purl pkg:gem/rack@2.0.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-3jru-u17n-tyg1
2
vulnerability VCID-3nmb-xetr-6qbg
3
vulnerability VCID-52qe-dast-tkhu
4
vulnerability VCID-6ydb-e746-vbd8
5
vulnerability VCID-7cef-z5qm-afd8
6
vulnerability VCID-amfu-8d25-juhy
7
vulnerability VCID-bj83-rx84-v3g9
8
vulnerability VCID-bqpn-m2fh-9kab
9
vulnerability VCID-c9mc-7nts-cfgy
10
vulnerability VCID-csrd-u9cz-u7ak
11
vulnerability VCID-dss4-6ptr-83av
12
vulnerability VCID-e11g-k7zm-vkhu
13
vulnerability VCID-e8ab-9br9-6ybt
14
vulnerability VCID-ebb6-b5tx-5bhf
15
vulnerability VCID-ewfc-rx8b-jfc4
16
vulnerability VCID-h8af-h199-qqfz
17
vulnerability VCID-heu4-cd3d-73ck
18
vulnerability VCID-k8fr-zuyx-yyhg
19
vulnerability VCID-mgx9-9bua-37f3
20
vulnerability VCID-p1cf-naeh-bbgx
21
vulnerability VCID-p3dy-qbad-q3ab
22
vulnerability VCID-r1hk-cy5k-9kad
23
vulnerability VCID-tc69-2tad-43cv
24
vulnerability VCID-uh69-24kx-xucy
25
vulnerability VCID-vk15-7qdb-xkh9
26
vulnerability VCID-x373-rhh4-7khm
27
vulnerability VCID-xpa3-1n87-8ucv
28
vulnerability VCID-y6nj-8y3j-hbfw
29
vulnerability VCID-yq3g-ykeu-pfbp
30
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.0.9.1
1
url pkg:gem/rack@2.1.4.1
purl pkg:gem/rack@2.1.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-3jru-u17n-tyg1
2
vulnerability VCID-3nmb-xetr-6qbg
3
vulnerability VCID-52qe-dast-tkhu
4
vulnerability VCID-6ydb-e746-vbd8
5
vulnerability VCID-7cef-z5qm-afd8
6
vulnerability VCID-amfu-8d25-juhy
7
vulnerability VCID-bj83-rx84-v3g9
8
vulnerability VCID-bqpn-m2fh-9kab
9
vulnerability VCID-c9mc-7nts-cfgy
10
vulnerability VCID-csrd-u9cz-u7ak
11
vulnerability VCID-dss4-6ptr-83av
12
vulnerability VCID-e11g-k7zm-vkhu
13
vulnerability VCID-e8ab-9br9-6ybt
14
vulnerability VCID-ebb6-b5tx-5bhf
15
vulnerability VCID-ewfc-rx8b-jfc4
16
vulnerability VCID-h8af-h199-qqfz
17
vulnerability VCID-heu4-cd3d-73ck
18
vulnerability VCID-k8fr-zuyx-yyhg
19
vulnerability VCID-mgx9-9bua-37f3
20
vulnerability VCID-p1cf-naeh-bbgx
21
vulnerability VCID-p3dy-qbad-q3ab
22
vulnerability VCID-r1hk-cy5k-9kad
23
vulnerability VCID-tc69-2tad-43cv
24
vulnerability VCID-uh69-24kx-xucy
25
vulnerability VCID-vk15-7qdb-xkh9
26
vulnerability VCID-x373-rhh4-7khm
27
vulnerability VCID-xpa3-1n87-8ucv
28
vulnerability VCID-y6nj-8y3j-hbfw
29
vulnerability VCID-yq3g-ykeu-pfbp
30
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.1.4.1
2
url pkg:gem/rack@2.2.3.1
purl pkg:gem/rack@2.2.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-3jru-u17n-tyg1
2
vulnerability VCID-3nmb-xetr-6qbg
3
vulnerability VCID-52qe-dast-tkhu
4
vulnerability VCID-6ydb-e746-vbd8
5
vulnerability VCID-7cef-z5qm-afd8
6
vulnerability VCID-amfu-8d25-juhy
7
vulnerability VCID-bj83-rx84-v3g9
8
vulnerability VCID-bqpn-m2fh-9kab
9
vulnerability VCID-c9mc-7nts-cfgy
10
vulnerability VCID-csrd-u9cz-u7ak
11
vulnerability VCID-dss4-6ptr-83av
12
vulnerability VCID-e11g-k7zm-vkhu
13
vulnerability VCID-e8ab-9br9-6ybt
14
vulnerability VCID-ebb6-b5tx-5bhf
15
vulnerability VCID-ewfc-rx8b-jfc4
16
vulnerability VCID-h8af-h199-qqfz
17
vulnerability VCID-heu4-cd3d-73ck
18
vulnerability VCID-k8fr-zuyx-yyhg
19
vulnerability VCID-mgx9-9bua-37f3
20
vulnerability VCID-p1cf-naeh-bbgx
21
vulnerability VCID-p3dy-qbad-q3ab
22
vulnerability VCID-r1hk-cy5k-9kad
23
vulnerability VCID-tc69-2tad-43cv
24
vulnerability VCID-uh69-24kx-xucy
25
vulnerability VCID-vk15-7qdb-xkh9
26
vulnerability VCID-x373-rhh4-7khm
27
vulnerability VCID-xpa3-1n87-8ucv
28
vulnerability VCID-y6nj-8y3j-hbfw
29
vulnerability VCID-yq3g-ykeu-pfbp
30
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.3.1
aliases CVE-2022-30122, GHSA-hxqx-xwvh-44m2, GMS-2022-1643
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8x9-j9b3-jycb
2
url VCID-hxfx-e71r-9ye8
vulnerability_id VCID-hxfx-e71r-9ye8
summary 
Hash Collision Form Parameter Parsing Remote DoS
This package contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption.
references
0
reference_url http://osvdb.org/show/osvdb/78121
reference_id
reference_type
scores
url http://osvdb.org/show/osvdb/78121
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5036.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5036.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-5036
reference_id
reference_type
scores
0
value 0.01278
scoring_system epss
scoring_elements 0.79902
published_at 2026-06-04T12:55:00Z
1
value 0.01278
scoring_system epss
scoring_elements 0.79917
published_at 2026-06-08T12:55:00Z
2
value 0.01278
scoring_system epss
scoring_elements 0.79928
published_at 2026-06-07T12:55:00Z
3
value 0.01278
scoring_system epss
scoring_elements 0.79932
published_at 2026-06-06T12:55:00Z
4
value 0.01278
scoring_system epss
scoring_elements 0.79927
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-5036
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5036
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5036
4
reference_url https://gist.github.com/52bbc6b9cc19ce330829
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gist.github.com/52bbc6b9cc19ce330829
5
reference_url https://github.com/rack/rack/commit/09c5e53f11a491c25bef873ed146842f3cd03228
reference_id
reference_type
scores
url https://github.com/rack/rack/commit/09c5e53f11a491c25bef873ed146842f3cd03228
6
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2011-5036.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2011-5036.yml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-5036
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-5036
8
reference_url https://web.archive.org/web/20120201040317/http://jruby.org/2011/12/27/jruby-1-6-5-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120201040317/http://jruby.org/2011/12/27/jruby-1-6-5-1
9
reference_url https://web.archive.org/web/20130213132312/http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130213132312/http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
10
reference_url http://www.debian.org/security/2013/dsa-2783
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2783
11
reference_url http://www.kb.cert.org/vuls/id/903934
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.kb.cert.org/vuls/id/903934
12
reference_url http://www.nruns.com/_downloads/advisory28122011.pdf
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.nruns.com/_downloads/advisory28122011.pdf
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=653963
reference_id 653963
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=653963
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=771149
reference_id 771149
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=771149
15
reference_url http://www.ocert.org/advisories/ocert-2011-003.html
reference_id CVE-2011-4885;OSVDB-78115
reference_type exploit
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ocert.org/advisories/ocert-2011-003.html
16
reference_url https://github.com/advisories/GHSA-v6j3-7jrw-hq2p
reference_id GHSA-v6j3-7jrw-hq2p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v6j3-7jrw-hq2p
17
reference_url https://security.gentoo.org/glsa/201203-05
reference_id GLSA-201203-05
reference_type
scores
url https://security.gentoo.org/glsa/201203-05
fixed_packages
0
url pkg:gem/rack@1.2.5
purl pkg:gem/rack@1.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-6yf4-8k7v-p7d7
9
vulnerability VCID-7cef-z5qm-afd8
10
vulnerability VCID-a8x9-j9b3-jycb
11
vulnerability VCID-amfu-8d25-juhy
12
vulnerability VCID-bj83-rx84-v3g9
13
vulnerability VCID-bqpn-m2fh-9kab
14
vulnerability VCID-c9mc-7nts-cfgy
15
vulnerability VCID-csrd-u9cz-u7ak
16
vulnerability VCID-dss4-6ptr-83av
17
vulnerability VCID-e11g-k7zm-vkhu
18
vulnerability VCID-e8ab-9br9-6ybt
19
vulnerability VCID-ebb6-b5tx-5bhf
20
vulnerability VCID-ewfc-rx8b-jfc4
21
vulnerability VCID-h8af-h199-qqfz
22
vulnerability VCID-heu4-cd3d-73ck
23
vulnerability VCID-huph-y2xr-g3dk
24
vulnerability VCID-jpkw-epb8-f7et
25
vulnerability VCID-k8fr-zuyx-yyhg
26
vulnerability VCID-kd2v-rt9y-uqh7
27
vulnerability VCID-kree-2cyw-duh8
28
vulnerability VCID-n1sj-dwab-j3ca
29
vulnerability VCID-p1cf-naeh-bbgx
30
vulnerability VCID-p3dy-qbad-q3ab
31
vulnerability VCID-r1hk-cy5k-9kad
32
vulnerability VCID-rr79-famc-37a8
33
vulnerability VCID-tc69-2tad-43cv
34
vulnerability VCID-uh69-24kx-xucy
35
vulnerability VCID-vk15-7qdb-xkh9
36
vulnerability VCID-w1cf-9x6v-pyhw
37
vulnerability VCID-x373-rhh4-7khm
38
vulnerability VCID-xpa3-1n87-8ucv
39
vulnerability VCID-y6nj-8y3j-hbfw
40
vulnerability VCID-yq3g-ykeu-pfbp
41
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.2.5
1
url pkg:gem/rack@1.3.0.beta
purl pkg:gem/rack@1.3.0.beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-6yf4-8k7v-p7d7
9
vulnerability VCID-7cef-z5qm-afd8
10
vulnerability VCID-a8x9-j9b3-jycb
11
vulnerability VCID-amfu-8d25-juhy
12
vulnerability VCID-bj83-rx84-v3g9
13
vulnerability VCID-bqpn-m2fh-9kab
14
vulnerability VCID-c9mc-7nts-cfgy
15
vulnerability VCID-csrd-u9cz-u7ak
16
vulnerability VCID-dss4-6ptr-83av
17
vulnerability VCID-e11g-k7zm-vkhu
18
vulnerability VCID-e8ab-9br9-6ybt
19
vulnerability VCID-ebb6-b5tx-5bhf
20
vulnerability VCID-ewfc-rx8b-jfc4
21
vulnerability VCID-h8af-h199-qqfz
22
vulnerability VCID-heu4-cd3d-73ck
23
vulnerability VCID-huph-y2xr-g3dk
24
vulnerability VCID-hxfx-e71r-9ye8
25
vulnerability VCID-jpkw-epb8-f7et
26
vulnerability VCID-k8fr-zuyx-yyhg
27
vulnerability VCID-kd2v-rt9y-uqh7
28
vulnerability VCID-kree-2cyw-duh8
29
vulnerability VCID-n1sj-dwab-j3ca
30
vulnerability VCID-p1cf-naeh-bbgx
31
vulnerability VCID-p3dy-qbad-q3ab
32
vulnerability VCID-r1hk-cy5k-9kad
33
vulnerability VCID-rr79-famc-37a8
34
vulnerability VCID-tc69-2tad-43cv
35
vulnerability VCID-uh69-24kx-xucy
36
vulnerability VCID-vk15-7qdb-xkh9
37
vulnerability VCID-w1cf-9x6v-pyhw
38
vulnerability VCID-x373-rhh4-7khm
39
vulnerability VCID-xpa3-1n87-8ucv
40
vulnerability VCID-y6nj-8y3j-hbfw
41
vulnerability VCID-yq3g-ykeu-pfbp
42
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.3.0.beta
2
url pkg:gem/rack@1.3.6
purl pkg:gem/rack@1.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-6yf4-8k7v-p7d7
9
vulnerability VCID-7cef-z5qm-afd8
10
vulnerability VCID-a8x9-j9b3-jycb
11
vulnerability VCID-amfu-8d25-juhy
12
vulnerability VCID-bj83-rx84-v3g9
13
vulnerability VCID-bqpn-m2fh-9kab
14
vulnerability VCID-c9mc-7nts-cfgy
15
vulnerability VCID-csrd-u9cz-u7ak
16
vulnerability VCID-dss4-6ptr-83av
17
vulnerability VCID-e11g-k7zm-vkhu
18
vulnerability VCID-e8ab-9br9-6ybt
19
vulnerability VCID-ebb6-b5tx-5bhf
20
vulnerability VCID-ewfc-rx8b-jfc4
21
vulnerability VCID-h8af-h199-qqfz
22
vulnerability VCID-heu4-cd3d-73ck
23
vulnerability VCID-huph-y2xr-g3dk
24
vulnerability VCID-jpkw-epb8-f7et
25
vulnerability VCID-k8fr-zuyx-yyhg
26
vulnerability VCID-kd2v-rt9y-uqh7
27
vulnerability VCID-kree-2cyw-duh8
28
vulnerability VCID-n1sj-dwab-j3ca
29
vulnerability VCID-p1cf-naeh-bbgx
30
vulnerability VCID-p3dy-qbad-q3ab
31
vulnerability VCID-r1hk-cy5k-9kad
32
vulnerability VCID-rr79-famc-37a8
33
vulnerability VCID-tc69-2tad-43cv
34
vulnerability VCID-uh69-24kx-xucy
35
vulnerability VCID-vk15-7qdb-xkh9
36
vulnerability VCID-w1cf-9x6v-pyhw
37
vulnerability VCID-x373-rhh4-7khm
38
vulnerability VCID-xpa3-1n87-8ucv
39
vulnerability VCID-y6nj-8y3j-hbfw
40
vulnerability VCID-yq3g-ykeu-pfbp
41
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.3.6
3
url pkg:gem/rack@1.4.0
purl pkg:gem/rack@1.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-6yf4-8k7v-p7d7
9
vulnerability VCID-7cef-z5qm-afd8
10
vulnerability VCID-a8x9-j9b3-jycb
11
vulnerability VCID-amfu-8d25-juhy
12
vulnerability VCID-bj83-rx84-v3g9
13
vulnerability VCID-bqpn-m2fh-9kab
14
vulnerability VCID-c9mc-7nts-cfgy
15
vulnerability VCID-csrd-u9cz-u7ak
16
vulnerability VCID-dss4-6ptr-83av
17
vulnerability VCID-e11g-k7zm-vkhu
18
vulnerability VCID-e8ab-9br9-6ybt
19
vulnerability VCID-ebb6-b5tx-5bhf
20
vulnerability VCID-ewfc-rx8b-jfc4
21
vulnerability VCID-h8af-h199-qqfz
22
vulnerability VCID-heu4-cd3d-73ck
23
vulnerability VCID-huph-y2xr-g3dk
24
vulnerability VCID-jpkw-epb8-f7et
25
vulnerability VCID-k8fr-zuyx-yyhg
26
vulnerability VCID-kd2v-rt9y-uqh7
27
vulnerability VCID-kree-2cyw-duh8
28
vulnerability VCID-n1sj-dwab-j3ca
29
vulnerability VCID-p1cf-naeh-bbgx
30
vulnerability VCID-p3dy-qbad-q3ab
31
vulnerability VCID-r1hk-cy5k-9kad
32
vulnerability VCID-rr79-famc-37a8
33
vulnerability VCID-tc69-2tad-43cv
34
vulnerability VCID-uh69-24kx-xucy
35
vulnerability VCID-vk15-7qdb-xkh9
36
vulnerability VCID-w1cf-9x6v-pyhw
37
vulnerability VCID-x373-rhh4-7khm
38
vulnerability VCID-xpa3-1n87-8ucv
39
vulnerability VCID-y6nj-8y3j-hbfw
40
vulnerability VCID-yq3g-ykeu-pfbp
41
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.4.0
aliases CVE-2011-5036, GHSA-v6j3-7jrw-hq2p, OSV-78121
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hxfx-e71r-9ye8
3
url VCID-kree-2cyw-duh8
vulnerability_id VCID-kree-2cyw-duh8
summary 
Uncontrolled Resource Consumption
Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack  allows remote attackers to cause a denial of service via unknown vectors related to "symbolized arbitrary strings."
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-0544.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0544.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0548.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0548.html
3
reference_url https://access.redhat.com/errata/RHSA-2013:0544
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0544
4
reference_url https://access.redhat.com/errata/RHSA-2013:0548
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2013:0548
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json
6
reference_url https://access.redhat.com/security/cve/CVE-2013-0184
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-0184
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0184
reference_id
reference_type
scores
0
value 0.00677
scoring_system epss
scoring_elements 0.71925
published_at 2026-06-08T12:55:00Z
1
value 0.00677
scoring_system epss
scoring_elements 0.71915
published_at 2026-06-04T12:55:00Z
2
value 0.00677
scoring_system epss
scoring_elements 0.71954
published_at 2026-06-05T12:55:00Z
3
value 0.00677
scoring_system epss
scoring_elements 0.71962
published_at 2026-06-06T12:55:00Z
4
value 0.00677
scoring_system epss
scoring_elements 0.71939
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0184
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=895384
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=895384
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
10
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
11
reference_url https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d
12
reference_url http://www.debian.org/security/2013/dsa-2783
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2783
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
reference_id 698440
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0184
reference_id CVE-2013-0184
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0184
15
reference_url https://github.com/advisories/GHSA-v882-ccj6-jc48
reference_id GHSA-v882-ccj6-jc48
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v882-ccj6-jc48
16
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
fixed_packages
0
url pkg:gem/rack@1.2.7
purl pkg:gem/rack@1.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-7cef-z5qm-afd8
9
vulnerability VCID-a8x9-j9b3-jycb
10
vulnerability VCID-amfu-8d25-juhy
11
vulnerability VCID-bj83-rx84-v3g9
12
vulnerability VCID-bqpn-m2fh-9kab
13
vulnerability VCID-c9mc-7nts-cfgy
14
vulnerability VCID-csrd-u9cz-u7ak
15
vulnerability VCID-dss4-6ptr-83av
16
vulnerability VCID-e11g-k7zm-vkhu
17
vulnerability VCID-e8ab-9br9-6ybt
18
vulnerability VCID-ebb6-b5tx-5bhf
19
vulnerability VCID-ewfc-rx8b-jfc4
20
vulnerability VCID-h8af-h199-qqfz
21
vulnerability VCID-heu4-cd3d-73ck
22
vulnerability VCID-huph-y2xr-g3dk
23
vulnerability VCID-jpkw-epb8-f7et
24
vulnerability VCID-k8fr-zuyx-yyhg
25
vulnerability VCID-kd2v-rt9y-uqh7
26
vulnerability VCID-kree-2cyw-duh8
27
vulnerability VCID-n1sj-dwab-j3ca
28
vulnerability VCID-p1cf-naeh-bbgx
29
vulnerability VCID-p3dy-qbad-q3ab
30
vulnerability VCID-r1hk-cy5k-9kad
31
vulnerability VCID-rr79-famc-37a8
32
vulnerability VCID-tc69-2tad-43cv
33
vulnerability VCID-uh69-24kx-xucy
34
vulnerability VCID-vk15-7qdb-xkh9
35
vulnerability VCID-w1cf-9x6v-pyhw
36
vulnerability VCID-x373-rhh4-7khm
37
vulnerability VCID-xpa3-1n87-8ucv
38
vulnerability VCID-y6nj-8y3j-hbfw
39
vulnerability VCID-yq3g-ykeu-pfbp
40
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.2.7
1
url pkg:gem/rack@1.3.0.beta
purl pkg:gem/rack@1.3.0.beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-6yf4-8k7v-p7d7
9
vulnerability VCID-7cef-z5qm-afd8
10
vulnerability VCID-a8x9-j9b3-jycb
11
vulnerability VCID-amfu-8d25-juhy
12
vulnerability VCID-bj83-rx84-v3g9
13
vulnerability VCID-bqpn-m2fh-9kab
14
vulnerability VCID-c9mc-7nts-cfgy
15
vulnerability VCID-csrd-u9cz-u7ak
16
vulnerability VCID-dss4-6ptr-83av
17
vulnerability VCID-e11g-k7zm-vkhu
18
vulnerability VCID-e8ab-9br9-6ybt
19
vulnerability VCID-ebb6-b5tx-5bhf
20
vulnerability VCID-ewfc-rx8b-jfc4
21
vulnerability VCID-h8af-h199-qqfz
22
vulnerability VCID-heu4-cd3d-73ck
23
vulnerability VCID-huph-y2xr-g3dk
24
vulnerability VCID-hxfx-e71r-9ye8
25
vulnerability VCID-jpkw-epb8-f7et
26
vulnerability VCID-k8fr-zuyx-yyhg
27
vulnerability VCID-kd2v-rt9y-uqh7
28
vulnerability VCID-kree-2cyw-duh8
29
vulnerability VCID-n1sj-dwab-j3ca
30
vulnerability VCID-p1cf-naeh-bbgx
31
vulnerability VCID-p3dy-qbad-q3ab
32
vulnerability VCID-r1hk-cy5k-9kad
33
vulnerability VCID-rr79-famc-37a8
34
vulnerability VCID-tc69-2tad-43cv
35
vulnerability VCID-uh69-24kx-xucy
36
vulnerability VCID-vk15-7qdb-xkh9
37
vulnerability VCID-w1cf-9x6v-pyhw
38
vulnerability VCID-x373-rhh4-7khm
39
vulnerability VCID-xpa3-1n87-8ucv
40
vulnerability VCID-y6nj-8y3j-hbfw
41
vulnerability VCID-yq3g-ykeu-pfbp
42
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.3.0.beta
2
url pkg:gem/rack@1.3.9
purl pkg:gem/rack@1.3.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-6yf4-8k7v-p7d7
9
vulnerability VCID-7cef-z5qm-afd8
10
vulnerability VCID-a8x9-j9b3-jycb
11
vulnerability VCID-amfu-8d25-juhy
12
vulnerability VCID-bj83-rx84-v3g9
13
vulnerability VCID-bqpn-m2fh-9kab
14
vulnerability VCID-c9mc-7nts-cfgy
15
vulnerability VCID-csrd-u9cz-u7ak
16
vulnerability VCID-dss4-6ptr-83av
17
vulnerability VCID-e11g-k7zm-vkhu
18
vulnerability VCID-e8ab-9br9-6ybt
19
vulnerability VCID-ebb6-b5tx-5bhf
20
vulnerability VCID-ewfc-rx8b-jfc4
21
vulnerability VCID-h8af-h199-qqfz
22
vulnerability VCID-heu4-cd3d-73ck
23
vulnerability VCID-huph-y2xr-g3dk
24
vulnerability VCID-jpkw-epb8-f7et
25
vulnerability VCID-k8fr-zuyx-yyhg
26
vulnerability VCID-kd2v-rt9y-uqh7
27
vulnerability VCID-kree-2cyw-duh8
28
vulnerability VCID-n1sj-dwab-j3ca
29
vulnerability VCID-p1cf-naeh-bbgx
30
vulnerability VCID-p3dy-qbad-q3ab
31
vulnerability VCID-r1hk-cy5k-9kad
32
vulnerability VCID-rr79-famc-37a8
33
vulnerability VCID-tc69-2tad-43cv
34
vulnerability VCID-uh69-24kx-xucy
35
vulnerability VCID-vk15-7qdb-xkh9
36
vulnerability VCID-w1cf-9x6v-pyhw
37
vulnerability VCID-x373-rhh4-7khm
38
vulnerability VCID-xpa3-1n87-8ucv
39
vulnerability VCID-y6nj-8y3j-hbfw
40
vulnerability VCID-yq3g-ykeu-pfbp
41
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.3.9
3
url pkg:gem/rack@1.4.4
purl pkg:gem/rack@1.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-52qe-dast-tkhu
5
vulnerability VCID-6dhj-xgsb-nkhd
6
vulnerability VCID-6ydb-e746-vbd8
7
vulnerability VCID-7cef-z5qm-afd8
8
vulnerability VCID-a8x9-j9b3-jycb
9
vulnerability VCID-amfu-8d25-juhy
10
vulnerability VCID-bj83-rx84-v3g9
11
vulnerability VCID-bqpn-m2fh-9kab
12
vulnerability VCID-c9mc-7nts-cfgy
13
vulnerability VCID-csrd-u9cz-u7ak
14
vulnerability VCID-dss4-6ptr-83av
15
vulnerability VCID-e11g-k7zm-vkhu
16
vulnerability VCID-e8ab-9br9-6ybt
17
vulnerability VCID-ebb6-b5tx-5bhf
18
vulnerability VCID-ewfc-rx8b-jfc4
19
vulnerability VCID-h8af-h199-qqfz
20
vulnerability VCID-heu4-cd3d-73ck
21
vulnerability VCID-huph-y2xr-g3dk
22
vulnerability VCID-jpkw-epb8-f7et
23
vulnerability VCID-k8fr-zuyx-yyhg
24
vulnerability VCID-kd2v-rt9y-uqh7
25
vulnerability VCID-n1sj-dwab-j3ca
26
vulnerability VCID-p1cf-naeh-bbgx
27
vulnerability VCID-p3dy-qbad-q3ab
28
vulnerability VCID-r1hk-cy5k-9kad
29
vulnerability VCID-rr79-famc-37a8
30
vulnerability VCID-tc69-2tad-43cv
31
vulnerability VCID-uh69-24kx-xucy
32
vulnerability VCID-vk15-7qdb-xkh9
33
vulnerability VCID-w1cf-9x6v-pyhw
34
vulnerability VCID-x373-rhh4-7khm
35
vulnerability VCID-xpa3-1n87-8ucv
36
vulnerability VCID-y6nj-8y3j-hbfw
37
vulnerability VCID-yq3g-ykeu-pfbp
38
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.4.4
4
url pkg:gem/rack@1.5.0.beta.1
purl pkg:gem/rack@1.5.0.beta.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-52qe-dast-tkhu
5
vulnerability VCID-6dhj-xgsb-nkhd
6
vulnerability VCID-6ydb-e746-vbd8
7
vulnerability VCID-7cef-z5qm-afd8
8
vulnerability VCID-a8x9-j9b3-jycb
9
vulnerability VCID-amfu-8d25-juhy
10
vulnerability VCID-bj83-rx84-v3g9
11
vulnerability VCID-bqpn-m2fh-9kab
12
vulnerability VCID-c9mc-7nts-cfgy
13
vulnerability VCID-csrd-u9cz-u7ak
14
vulnerability VCID-dss4-6ptr-83av
15
vulnerability VCID-e11g-k7zm-vkhu
16
vulnerability VCID-e8ab-9br9-6ybt
17
vulnerability VCID-ebb6-b5tx-5bhf
18
vulnerability VCID-ewfc-rx8b-jfc4
19
vulnerability VCID-h8af-h199-qqfz
20
vulnerability VCID-heu4-cd3d-73ck
21
vulnerability VCID-huph-y2xr-g3dk
22
vulnerability VCID-jpkw-epb8-f7et
23
vulnerability VCID-k8fr-zuyx-yyhg
24
vulnerability VCID-kd2v-rt9y-uqh7
25
vulnerability VCID-kree-2cyw-duh8
26
vulnerability VCID-n1sj-dwab-j3ca
27
vulnerability VCID-p1cf-naeh-bbgx
28
vulnerability VCID-p3dy-qbad-q3ab
29
vulnerability VCID-r1hk-cy5k-9kad
30
vulnerability VCID-tc69-2tad-43cv
31
vulnerability VCID-uh69-24kx-xucy
32
vulnerability VCID-vk15-7qdb-xkh9
33
vulnerability VCID-w1cf-9x6v-pyhw
34
vulnerability VCID-x373-rhh4-7khm
35
vulnerability VCID-xpa3-1n87-8ucv
36
vulnerability VCID-y6nj-8y3j-hbfw
37
vulnerability VCID-yq3g-ykeu-pfbp
38
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.5.0.beta.1
aliases CVE-2013-0184, GHSA-v882-ccj6-jc48, OSV-89327
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kree-2cyw-duh8
4
url VCID-w1cf-9x6v-pyhw
vulnerability_id VCID-w1cf-9x6v-pyhw
summary 
Timing attack against Rack::Session::Cookie
Affected versions allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving am HMAC comparison function that does not run in constant time.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
1
reference_url http://rack.github.com/
reference_id
reference_type
scores
url http://rack.github.com/
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-0686.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-0686.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0263
reference_id
reference_type
scores
0
value 0.16071
scoring_system epss
scoring_elements 0.94909
published_at 2026-06-04T12:55:00Z
1
value 0.16071
scoring_system epss
scoring_elements 0.9492
published_at 2026-06-08T12:55:00Z
2
value 0.16071
scoring_system epss
scoring_elements 0.94919
published_at 2026-06-06T12:55:00Z
3
value 0.16071
scoring_system epss
scoring_elements 0.94918
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0263
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=909071
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=909071
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263
7
reference_url https://gist.github.com/codahale/f9f3781f7b54985bee94
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gist.github.com/codahale/f9f3781f7b54985bee94
8
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
9
reference_url https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07
10
reference_url https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11
11
reference_url https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J
12
reference_url https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ
13
reference_url https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ
14
reference_url https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ
15
reference_url https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0263
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-0263
17
reference_url http://www.debian.org/security/2013/dsa-2783
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2783
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226
reference_id 700226
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226
19
reference_url https://github.com/advisories/GHSA-xc85-32mf-xpv8
reference_id GHSA-xc85-32mf-xpv8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xc85-32mf-xpv8
20
reference_url https://security.gentoo.org/glsa/201405-10
reference_id GLSA-201405-10
reference_type
scores
url https://security.gentoo.org/glsa/201405-10
21
reference_url https://access.redhat.com/errata/RHSA-2013:0686
reference_id RHSA-2013:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0686
fixed_packages
0
url pkg:gem/rack@1.2.8
purl pkg:gem/rack@1.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6ydb-e746-vbd8
7
vulnerability VCID-7cef-z5qm-afd8
8
vulnerability VCID-a8x9-j9b3-jycb
9
vulnerability VCID-amfu-8d25-juhy
10
vulnerability VCID-bj83-rx84-v3g9
11
vulnerability VCID-bqpn-m2fh-9kab
12
vulnerability VCID-c9mc-7nts-cfgy
13
vulnerability VCID-csrd-u9cz-u7ak
14
vulnerability VCID-dss4-6ptr-83av
15
vulnerability VCID-e11g-k7zm-vkhu
16
vulnerability VCID-e8ab-9br9-6ybt
17
vulnerability VCID-ebb6-b5tx-5bhf
18
vulnerability VCID-ewfc-rx8b-jfc4
19
vulnerability VCID-h8af-h199-qqfz
20
vulnerability VCID-heu4-cd3d-73ck
21
vulnerability VCID-huph-y2xr-g3dk
22
vulnerability VCID-jpkw-epb8-f7et
23
vulnerability VCID-k8fr-zuyx-yyhg
24
vulnerability VCID-kd2v-rt9y-uqh7
25
vulnerability VCID-kree-2cyw-duh8
26
vulnerability VCID-n1sj-dwab-j3ca
27
vulnerability VCID-p1cf-naeh-bbgx
28
vulnerability VCID-p3dy-qbad-q3ab
29
vulnerability VCID-r1hk-cy5k-9kad
30
vulnerability VCID-rr79-famc-37a8
31
vulnerability VCID-tc69-2tad-43cv
32
vulnerability VCID-uh69-24kx-xucy
33
vulnerability VCID-vk15-7qdb-xkh9
34
vulnerability VCID-x373-rhh4-7khm
35
vulnerability VCID-xpa3-1n87-8ucv
36
vulnerability VCID-y6nj-8y3j-hbfw
37
vulnerability VCID-yq3g-ykeu-pfbp
38
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.2.8
1
url pkg:gem/rack@1.3.0.beta
purl pkg:gem/rack@1.3.0.beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6dhj-xgsb-nkhd
7
vulnerability VCID-6ydb-e746-vbd8
8
vulnerability VCID-6yf4-8k7v-p7d7
9
vulnerability VCID-7cef-z5qm-afd8
10
vulnerability VCID-a8x9-j9b3-jycb
11
vulnerability VCID-amfu-8d25-juhy
12
vulnerability VCID-bj83-rx84-v3g9
13
vulnerability VCID-bqpn-m2fh-9kab
14
vulnerability VCID-c9mc-7nts-cfgy
15
vulnerability VCID-csrd-u9cz-u7ak
16
vulnerability VCID-dss4-6ptr-83av
17
vulnerability VCID-e11g-k7zm-vkhu
18
vulnerability VCID-e8ab-9br9-6ybt
19
vulnerability VCID-ebb6-b5tx-5bhf
20
vulnerability VCID-ewfc-rx8b-jfc4
21
vulnerability VCID-h8af-h199-qqfz
22
vulnerability VCID-heu4-cd3d-73ck
23
vulnerability VCID-huph-y2xr-g3dk
24
vulnerability VCID-hxfx-e71r-9ye8
25
vulnerability VCID-jpkw-epb8-f7et
26
vulnerability VCID-k8fr-zuyx-yyhg
27
vulnerability VCID-kd2v-rt9y-uqh7
28
vulnerability VCID-kree-2cyw-duh8
29
vulnerability VCID-n1sj-dwab-j3ca
30
vulnerability VCID-p1cf-naeh-bbgx
31
vulnerability VCID-p3dy-qbad-q3ab
32
vulnerability VCID-r1hk-cy5k-9kad
33
vulnerability VCID-rr79-famc-37a8
34
vulnerability VCID-tc69-2tad-43cv
35
vulnerability VCID-uh69-24kx-xucy
36
vulnerability VCID-vk15-7qdb-xkh9
37
vulnerability VCID-w1cf-9x6v-pyhw
38
vulnerability VCID-x373-rhh4-7khm
39
vulnerability VCID-xpa3-1n87-8ucv
40
vulnerability VCID-y6nj-8y3j-hbfw
41
vulnerability VCID-yq3g-ykeu-pfbp
42
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.3.0.beta
2
url pkg:gem/rack@1.3.10
purl pkg:gem/rack@1.3.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-4u64-j7gm-5ke9
5
vulnerability VCID-52qe-dast-tkhu
6
vulnerability VCID-6ydb-e746-vbd8
7
vulnerability VCID-6yf4-8k7v-p7d7
8
vulnerability VCID-7cef-z5qm-afd8
9
vulnerability VCID-a8x9-j9b3-jycb
10
vulnerability VCID-amfu-8d25-juhy
11
vulnerability VCID-bj83-rx84-v3g9
12
vulnerability VCID-bqpn-m2fh-9kab
13
vulnerability VCID-c9mc-7nts-cfgy
14
vulnerability VCID-csrd-u9cz-u7ak
15
vulnerability VCID-dss4-6ptr-83av
16
vulnerability VCID-e11g-k7zm-vkhu
17
vulnerability VCID-e8ab-9br9-6ybt
18
vulnerability VCID-ebb6-b5tx-5bhf
19
vulnerability VCID-ewfc-rx8b-jfc4
20
vulnerability VCID-h8af-h199-qqfz
21
vulnerability VCID-heu4-cd3d-73ck
22
vulnerability VCID-huph-y2xr-g3dk
23
vulnerability VCID-jpkw-epb8-f7et
24
vulnerability VCID-k8fr-zuyx-yyhg
25
vulnerability VCID-kd2v-rt9y-uqh7
26
vulnerability VCID-kree-2cyw-duh8
27
vulnerability VCID-n1sj-dwab-j3ca
28
vulnerability VCID-p1cf-naeh-bbgx
29
vulnerability VCID-p3dy-qbad-q3ab
30
vulnerability VCID-r1hk-cy5k-9kad
31
vulnerability VCID-rr79-famc-37a8
32
vulnerability VCID-tc69-2tad-43cv
33
vulnerability VCID-uh69-24kx-xucy
34
vulnerability VCID-vk15-7qdb-xkh9
35
vulnerability VCID-x373-rhh4-7khm
36
vulnerability VCID-xpa3-1n87-8ucv
37
vulnerability VCID-y6nj-8y3j-hbfw
38
vulnerability VCID-yq3g-ykeu-pfbp
39
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.3.10
3
url pkg:gem/rack@1.4.5
purl pkg:gem/rack@1.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-52qe-dast-tkhu
5
vulnerability VCID-6ydb-e746-vbd8
6
vulnerability VCID-7cef-z5qm-afd8
7
vulnerability VCID-a8x9-j9b3-jycb
8
vulnerability VCID-amfu-8d25-juhy
9
vulnerability VCID-bj83-rx84-v3g9
10
vulnerability VCID-bqpn-m2fh-9kab
11
vulnerability VCID-c9mc-7nts-cfgy
12
vulnerability VCID-csrd-u9cz-u7ak
13
vulnerability VCID-dss4-6ptr-83av
14
vulnerability VCID-e11g-k7zm-vkhu
15
vulnerability VCID-e8ab-9br9-6ybt
16
vulnerability VCID-ebb6-b5tx-5bhf
17
vulnerability VCID-ewfc-rx8b-jfc4
18
vulnerability VCID-h8af-h199-qqfz
19
vulnerability VCID-heu4-cd3d-73ck
20
vulnerability VCID-huph-y2xr-g3dk
21
vulnerability VCID-jpkw-epb8-f7et
22
vulnerability VCID-k8fr-zuyx-yyhg
23
vulnerability VCID-kd2v-rt9y-uqh7
24
vulnerability VCID-n1sj-dwab-j3ca
25
vulnerability VCID-p1cf-naeh-bbgx
26
vulnerability VCID-p3dy-qbad-q3ab
27
vulnerability VCID-r1hk-cy5k-9kad
28
vulnerability VCID-rr79-famc-37a8
29
vulnerability VCID-tc69-2tad-43cv
30
vulnerability VCID-uh69-24kx-xucy
31
vulnerability VCID-vk15-7qdb-xkh9
32
vulnerability VCID-x373-rhh4-7khm
33
vulnerability VCID-xpa3-1n87-8ucv
34
vulnerability VCID-y6nj-8y3j-hbfw
35
vulnerability VCID-yq3g-ykeu-pfbp
36
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.4.5
4
url pkg:gem/rack@1.5.0.beta.1
purl pkg:gem/rack@1.5.0.beta.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-52qe-dast-tkhu
5
vulnerability VCID-6dhj-xgsb-nkhd
6
vulnerability VCID-6ydb-e746-vbd8
7
vulnerability VCID-7cef-z5qm-afd8
8
vulnerability VCID-a8x9-j9b3-jycb
9
vulnerability VCID-amfu-8d25-juhy
10
vulnerability VCID-bj83-rx84-v3g9
11
vulnerability VCID-bqpn-m2fh-9kab
12
vulnerability VCID-c9mc-7nts-cfgy
13
vulnerability VCID-csrd-u9cz-u7ak
14
vulnerability VCID-dss4-6ptr-83av
15
vulnerability VCID-e11g-k7zm-vkhu
16
vulnerability VCID-e8ab-9br9-6ybt
17
vulnerability VCID-ebb6-b5tx-5bhf
18
vulnerability VCID-ewfc-rx8b-jfc4
19
vulnerability VCID-h8af-h199-qqfz
20
vulnerability VCID-heu4-cd3d-73ck
21
vulnerability VCID-huph-y2xr-g3dk
22
vulnerability VCID-jpkw-epb8-f7et
23
vulnerability VCID-k8fr-zuyx-yyhg
24
vulnerability VCID-kd2v-rt9y-uqh7
25
vulnerability VCID-kree-2cyw-duh8
26
vulnerability VCID-n1sj-dwab-j3ca
27
vulnerability VCID-p1cf-naeh-bbgx
28
vulnerability VCID-p3dy-qbad-q3ab
29
vulnerability VCID-r1hk-cy5k-9kad
30
vulnerability VCID-tc69-2tad-43cv
31
vulnerability VCID-uh69-24kx-xucy
32
vulnerability VCID-vk15-7qdb-xkh9
33
vulnerability VCID-w1cf-9x6v-pyhw
34
vulnerability VCID-x373-rhh4-7khm
35
vulnerability VCID-xpa3-1n87-8ucv
36
vulnerability VCID-y6nj-8y3j-hbfw
37
vulnerability VCID-yq3g-ykeu-pfbp
38
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.5.0.beta.1
5
url pkg:gem/rack@1.5.2
purl pkg:gem/rack@1.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1j25-qagk-c3gk
1
vulnerability VCID-2bvt-36z3-9qar
2
vulnerability VCID-3jru-u17n-tyg1
3
vulnerability VCID-3nmb-xetr-6qbg
4
vulnerability VCID-52qe-dast-tkhu
5
vulnerability VCID-6ydb-e746-vbd8
6
vulnerability VCID-7cef-z5qm-afd8
7
vulnerability VCID-a8x9-j9b3-jycb
8
vulnerability VCID-amfu-8d25-juhy
9
vulnerability VCID-bj83-rx84-v3g9
10
vulnerability VCID-bqpn-m2fh-9kab
11
vulnerability VCID-c9mc-7nts-cfgy
12
vulnerability VCID-csrd-u9cz-u7ak
13
vulnerability VCID-dss4-6ptr-83av
14
vulnerability VCID-e11g-k7zm-vkhu
15
vulnerability VCID-e8ab-9br9-6ybt
16
vulnerability VCID-ebb6-b5tx-5bhf
17
vulnerability VCID-ewfc-rx8b-jfc4
18
vulnerability VCID-h8af-h199-qqfz
19
vulnerability VCID-heu4-cd3d-73ck
20
vulnerability VCID-huph-y2xr-g3dk
21
vulnerability VCID-jpkw-epb8-f7et
22
vulnerability VCID-k8fr-zuyx-yyhg
23
vulnerability VCID-kd2v-rt9y-uqh7
24
vulnerability VCID-mgx9-9bua-37f3
25
vulnerability VCID-n1sj-dwab-j3ca
26
vulnerability VCID-p1cf-naeh-bbgx
27
vulnerability VCID-p3dy-qbad-q3ab
28
vulnerability VCID-r1hk-cy5k-9kad
29
vulnerability VCID-rr79-famc-37a8
30
vulnerability VCID-tc69-2tad-43cv
31
vulnerability VCID-uh69-24kx-xucy
32
vulnerability VCID-vk15-7qdb-xkh9
33
vulnerability VCID-x373-rhh4-7khm
34
vulnerability VCID-xpa3-1n87-8ucv
35
vulnerability VCID-y6nj-8y3j-hbfw
36
vulnerability VCID-yq3g-ykeu-pfbp
37
vulnerability VCID-zqax-g5xz-wuch
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@1.5.2
aliases CVE-2013-0263, GHSA-xc85-32mf-xpv8, OSV-89939
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w1cf-9x6v-pyhw
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/rack@1.2