Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:ebuild/dev-lang/ruby@2.7.8
Typeebuild
Namespacedev-lang
Nameruby
Version2.7.8
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.0.6
Latest_non_vulnerable_version3.2.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1vp9-6q85-5ffv
vulnerability_id VCID-1vp9-6q85-5ffv
summary 
Reliance on Cookies without Validation and Integrity Checking in a Security Decision
CGI::Cookie.parse in Ruby mishandles security prefixes in cookie names. This also affects the CGI gem for Ruby.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41819.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41819.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41819
reference_id
reference_type
scores
0
value 0.00755
scoring_system epss
scoring_elements 0.73218
published_at 2026-04-04T12:55:00Z
1
value 0.00755
scoring_system epss
scoring_elements 0.73197
published_at 2026-04-02T12:55:00Z
2
value 0.00755
scoring_system epss
scoring_elements 0.73283
published_at 2026-04-16T12:55:00Z
3
value 0.00755
scoring_system epss
scoring_elements 0.7324
published_at 2026-04-13T12:55:00Z
4
value 0.00755
scoring_system epss
scoring_elements 0.73187
published_at 2026-04-01T12:55:00Z
5
value 0.00755
scoring_system epss
scoring_elements 0.73247
published_at 2026-04-12T12:55:00Z
6
value 0.00755
scoring_system epss
scoring_elements 0.73267
published_at 2026-04-11T12:55:00Z
7
value 0.00755
scoring_system epss
scoring_elements 0.73242
published_at 2026-04-09T12:55:00Z
8
value 0.00755
scoring_system epss
scoring_elements 0.73228
published_at 2026-04-08T12:55:00Z
9
value 0.00755
scoring_system epss
scoring_elements 0.73192
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41819
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41816
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41816
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/ruby/cgi
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/cgi
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cgi/CVE-2021-41819.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cgi/CVE-2021-41819.yml
12
reference_url https://hackerone.com/reports/910552
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:43:38Z/
url https://hackerone.com/reports/910552
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:43:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:43:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
21
reference_url https://security.gentoo.org/glsa/202401-27
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:43:38Z/
url https://security.gentoo.org/glsa/202401-27
22
reference_url https://security.netapp.com/advisory/ntap-20220121-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220121-0003
23
reference_url https://security.netapp.com/advisory/ntap-20220121-0003/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:43:38Z/
url https://security.netapp.com/advisory/ntap-20220121-0003/
24
reference_url https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819
25
reference_url https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:43:38Z/
url https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2026757
reference_id 2026757
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2026757
27
reference_url https://security.archlinux.org/AVG-2555
reference_id AVG-2555
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2555
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41819
reference_id CVE-2021-41819
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41819
29
reference_url https://github.com/advisories/GHSA-4vf4-qmvg-mh7h
reference_id GHSA-4vf4-qmvg-mh7h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4vf4-qmvg-mh7h
30
reference_url https://access.redhat.com/errata/RHSA-2022:0543
reference_id RHSA-2022:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0543
31
reference_url https://access.redhat.com/errata/RHSA-2022:0544
reference_id RHSA-2022:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0544
32
reference_url https://access.redhat.com/errata/RHSA-2022:0581
reference_id RHSA-2022:0581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0581
33
reference_url https://access.redhat.com/errata/RHSA-2022:0582
reference_id RHSA-2022:0582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0582
34
reference_url https://access.redhat.com/errata/RHSA-2022:0708
reference_id RHSA-2022:0708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0708
35
reference_url https://access.redhat.com/errata/RHSA-2022:5779
reference_id RHSA-2022:5779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5779
36
reference_url https://access.redhat.com/errata/RHSA-2022:6447
reference_id RHSA-2022:6447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6447
37
reference_url https://access.redhat.com/errata/RHSA-2022:6450
reference_id RHSA-2022:6450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6450
38
reference_url https://access.redhat.com/errata/RHSA-2022:6855
reference_id RHSA-2022:6855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6855
39
reference_url https://access.redhat.com/errata/RHSA-2022:6856
reference_id RHSA-2022:6856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6856
40
reference_url https://usn.ubuntu.com/5235-1/
reference_id USN-5235-1
reference_type
scores
url https://usn.ubuntu.com/5235-1/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2021-41819, GHSA-4vf4-qmvg-mh7h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1vp9-6q85-5ffv
1
url VCID-2sv2-6snv-2bd3
vulnerability_id VCID-2sv2-6snv-2bd3
summary Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28739.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28739.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28739
reference_id
reference_type
scores
0
value 0.00306
scoring_system epss
scoring_elements 0.53849
published_at 2026-04-16T12:55:00Z
1
value 0.00306
scoring_system epss
scoring_elements 0.53845
published_at 2026-04-11T12:55:00Z
2
value 0.00306
scoring_system epss
scoring_elements 0.53828
published_at 2026-04-12T12:55:00Z
3
value 0.00306
scoring_system epss
scoring_elements 0.53812
published_at 2026-04-13T12:55:00Z
4
value 0.00306
scoring_system epss
scoring_elements 0.53746
published_at 2026-04-07T12:55:00Z
5
value 0.00306
scoring_system epss
scoring_elements 0.53773
published_at 2026-04-04T12:55:00Z
6
value 0.00306
scoring_system epss
scoring_elements 0.53798
published_at 2026-04-08T12:55:00Z
7
value 0.00306
scoring_system epss
scoring_elements 0.53796
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28739
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28739
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009957
reference_id 1009957
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009957
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2075687
reference_id 2075687
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2075687
7
reference_url https://security.archlinux.org/AVG-2757
reference_id AVG-2757
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2757
8
reference_url https://access.redhat.com/errata/RHSA-2022:5338
reference_id RHSA-2022:5338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5338
9
reference_url https://access.redhat.com/errata/RHSA-2022:6447
reference_id RHSA-2022:6447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6447
10
reference_url https://access.redhat.com/errata/RHSA-2022:6450
reference_id RHSA-2022:6450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6450
11
reference_url https://access.redhat.com/errata/RHSA-2022:6585
reference_id RHSA-2022:6585
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6585
12
reference_url https://access.redhat.com/errata/RHSA-2022:6855
reference_id RHSA-2022:6855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6855
13
reference_url https://access.redhat.com/errata/RHSA-2022:6856
reference_id RHSA-2022:6856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6856
14
reference_url https://access.redhat.com/errata/RHSA-2023:7025
reference_id RHSA-2023:7025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7025
15
reference_url https://usn.ubuntu.com/5462-1/
reference_id USN-5462-1
reference_type
scores
url https://usn.ubuntu.com/5462-1/
16
reference_url https://usn.ubuntu.com/5462-2/
reference_id USN-5462-2
reference_type
scores
url https://usn.ubuntu.com/5462-2/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2022-28739, GHSA-mvgc-rxvg-hqc6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2sv2-6snv-2bd3
2
url VCID-9g2w-sc9w-eyce
vulnerability_id VCID-9g2w-sc9w-eyce
summary Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33621.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33621.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33621
reference_id
reference_type
scores
0
value 0.01412
scoring_system epss
scoring_elements 0.80528
published_at 2026-04-13T12:55:00Z
1
value 0.01412
scoring_system epss
scoring_elements 0.80536
published_at 2026-04-12T12:55:00Z
2
value 0.01412
scoring_system epss
scoring_elements 0.80522
published_at 2026-04-08T12:55:00Z
3
value 0.01412
scoring_system epss
scoring_elements 0.8055
published_at 2026-04-11T12:55:00Z
4
value 0.01412
scoring_system epss
scoring_elements 0.80532
published_at 2026-04-09T12:55:00Z
5
value 0.01412
scoring_system epss
scoring_elements 0.80475
published_at 2026-04-01T12:55:00Z
6
value 0.01412
scoring_system epss
scoring_elements 0.80481
published_at 2026-04-02T12:55:00Z
7
value 0.01412
scoring_system epss
scoring_elements 0.80502
published_at 2026-04-04T12:55:00Z
8
value 0.01412
scoring_system epss
scoring_elements 0.80492
published_at 2026-04-07T12:55:00Z
9
value 0.01562
scoring_system epss
scoring_elements 0.81521
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33621
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33621
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cgi/CVE-2021-33621.yml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cgi/CVE-2021-33621.yml
5
reference_url https://hackerone.com/reports/1204695
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1204695
6
reference_url https://lists.debian.org/debian-lts-announce/2023/06/msg00012.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/06/msg00012.html
7
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00000.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00000.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQR7LWED6VAPD5ATYOBZIGJQPCUBRJBX
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQR7LWED6VAPD5ATYOBZIGJQPCUBRJBX
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/THVTYHHEOVLQFCFHWURZYO7PVUPBHRZD
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/THVTYHHEOVLQFCFHWURZYO7PVUPBHRZD
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YACE6ORF2QBXXBK2V2CM36D7TZMEJVAS
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YACE6ORF2QBXXBK2V2CM36D7TZMEJVAS
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQR7LWED6VAPD5ATYOBZIGJQPCUBRJBX
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQR7LWED6VAPD5ATYOBZIGJQPCUBRJBX
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/THVTYHHEOVLQFCFHWURZYO7PVUPBHRZD
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/THVTYHHEOVLQFCFHWURZYO7PVUPBHRZD
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YACE6ORF2QBXXBK2V2CM36D7TZMEJVAS
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YACE6ORF2QBXXBK2V2CM36D7TZMEJVAS
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33621
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33621
15
reference_url https://security.gentoo.org/glsa/202401-27
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202401-27
16
reference_url https://security.netapp.com/advisory/ntap-20221228-0004
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221228-0004
17
reference_url https://www.ruby-lang.org/en/news/2022/11/22/http-response-splitting-in-cgi-cve-2021-33621
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2022/11/22/http-response-splitting-in-cgi-cve-2021-33621
18
reference_url https://www.ruby-lang.org/en/news/2022/11/22/http-response-splitting-in-cgi-cve-2021-33621/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2022/11/22/http-response-splitting-in-cgi-cve-2021-33621/
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024799
reference_id 1024799
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024799
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2149706
reference_id 2149706
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2149706
21
reference_url https://github.com/advisories/GHSA-vc47-6rqg-c7f5
reference_id GHSA-vc47-6rqg-c7f5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vc47-6rqg-c7f5
22
reference_url https://access.redhat.com/errata/RHSA-2023:3291
reference_id RHSA-2023:3291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3291
23
reference_url https://access.redhat.com/errata/RHSA-2023:3821
reference_id RHSA-2023:3821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3821
24
reference_url https://access.redhat.com/errata/RHSA-2023:7025
reference_id RHSA-2023:7025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7025
25
reference_url https://access.redhat.com/errata/RHSA-2024:1431
reference_id RHSA-2024:1431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1431
26
reference_url https://access.redhat.com/errata/RHSA-2024:1576
reference_id RHSA-2024:1576
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1576
27
reference_url https://access.redhat.com/errata/RHSA-2024:3500
reference_id RHSA-2024:3500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3500
28
reference_url https://access.redhat.com/errata/RHSA-2024:3838
reference_id RHSA-2024:3838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3838
29
reference_url https://access.redhat.com/errata/RHSA-2024:4542
reference_id RHSA-2024:4542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4542
30
reference_url https://usn.ubuntu.com/5806-1/
reference_id USN-5806-1
reference_type
scores
url https://usn.ubuntu.com/5806-1/
31
reference_url https://usn.ubuntu.com/5806-2/
reference_id USN-5806-2
reference_type
scores
url https://usn.ubuntu.com/5806-2/
32
reference_url https://usn.ubuntu.com/5806-3/
reference_id USN-5806-3
reference_type
scores
url https://usn.ubuntu.com/5806-3/
33
reference_url https://usn.ubuntu.com/6181-1/
reference_id USN-6181-1
reference_type
scores
url https://usn.ubuntu.com/6181-1/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2021-33621, GHSA-vc47-6rqg-c7f5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9g2w-sc9w-eyce
3
url VCID-9x9w-2k98-wydm
vulnerability_id VCID-9x9w-2k98-wydm
summary 
Ruby Time component ReDoS issue
A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28756.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28756.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28756
reference_id
reference_type
scores
0
value 0.00826
scoring_system epss
scoring_elements 0.74463
published_at 2026-04-13T12:55:00Z
1
value 0.00826
scoring_system epss
scoring_elements 0.74472
published_at 2026-04-12T12:55:00Z
2
value 0.00826
scoring_system epss
scoring_elements 0.74491
published_at 2026-04-11T12:55:00Z
3
value 0.00826
scoring_system epss
scoring_elements 0.74469
published_at 2026-04-09T12:55:00Z
4
value 0.00826
scoring_system epss
scoring_elements 0.74452
published_at 2026-04-08T12:55:00Z
5
value 0.00826
scoring_system epss
scoring_elements 0.74419
published_at 2026-04-07T12:55:00Z
6
value 0.00826
scoring_system epss
scoring_elements 0.74444
published_at 2026-04-04T12:55:00Z
7
value 0.00826
scoring_system epss
scoring_elements 0.74418
published_at 2026-04-02T12:55:00Z
8
value 0.00914
scoring_system epss
scoring_elements 0.75917
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28756
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28756
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/ruby/time
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/time
5
reference_url https://github.com/ruby/time/releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/time/releases
6
reference_url https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html
7
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00000.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00000.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
14
reference_url https://security.gentoo.org/glsa/202401-27
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://security.gentoo.org/glsa/202401-27
15
reference_url https://security.netapp.com/advisory/ntap-20230526-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230526-0004
16
reference_url https://www.ruby-lang.org/en/downloads/releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/downloads/releases
17
reference_url https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released
18
reference_url https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756
19
reference_url https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036283
reference_id 1036283
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036283
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038408
reference_id 1038408
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038408
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2184061
reference_id 2184061
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2184061
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-28756
reference_id CVE-2023-28756
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-28756
24
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/time/CVE-2023-28756.yml
reference_id CVE-2023-28756.YML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/time/CVE-2023-28756.yml
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA/
reference_id FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA/
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T/
reference_id G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T/
27
reference_url https://github.com/advisories/GHSA-fg7x-g82r-94qc
reference_id GHSA-fg7x-g82r-94qc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fg7x-g82r-94qc
28
reference_url https://security.netapp.com/advisory/ntap-20230526-0004/
reference_id ntap-20230526-0004
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://security.netapp.com/advisory/ntap-20230526-0004/
29
reference_url https://github.com/ruby/time/releases/
reference_id releases
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://github.com/ruby/time/releases/
30
reference_url https://www.ruby-lang.org/en/downloads/releases/
reference_id releases
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://www.ruby-lang.org/en/downloads/releases/
31
reference_url https://access.redhat.com/errata/RHSA-2023:3291
reference_id RHSA-2023:3291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3291
32
reference_url https://access.redhat.com/errata/RHSA-2023:3821
reference_id RHSA-2023:3821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3821
33
reference_url https://access.redhat.com/errata/RHSA-2023:7025
reference_id RHSA-2023:7025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7025
34
reference_url https://access.redhat.com/errata/RHSA-2024:1431
reference_id RHSA-2024:1431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1431
35
reference_url https://access.redhat.com/errata/RHSA-2024:1576
reference_id RHSA-2024:1576
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1576
36
reference_url https://access.redhat.com/errata/RHSA-2024:3500
reference_id RHSA-2024:3500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3500
37
reference_url https://access.redhat.com/errata/RHSA-2024:3838
reference_id RHSA-2024:3838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3838
38
reference_url https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released/
reference_id ruby-3-2-0-released
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released/
39
reference_url https://usn.ubuntu.com/6055-1/
reference_id USN-6055-1
reference_type
scores
url https://usn.ubuntu.com/6055-1/
40
reference_url https://usn.ubuntu.com/6087-1/
reference_id USN-6087-1
reference_type
scores
url https://usn.ubuntu.com/6087-1/
41
reference_url https://usn.ubuntu.com/6181-1/
reference_id USN-6181-1
reference_type
scores
url https://usn.ubuntu.com/6181-1/
42
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z/
reference_id WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T19:59:50Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2023-28756, GHSA-fg7x-g82r-94qc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9x9w-2k98-wydm
4
url VCID-gfjn-m9zp-57c5
vulnerability_id VCID-gfjn-m9zp-57c5
summary 
Duplicate
This advisory duplicates another.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41816.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41816.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41816
reference_id
reference_type
scores
0
value 0.00437
scoring_system epss
scoring_elements 0.63099
published_at 2026-04-12T12:55:00Z
1
value 0.00437
scoring_system epss
scoring_elements 0.63077
published_at 2026-04-13T12:55:00Z
2
value 0.00437
scoring_system epss
scoring_elements 0.62977
published_at 2026-04-01T12:55:00Z
3
value 0.00437
scoring_system epss
scoring_elements 0.63036
published_at 2026-04-02T12:55:00Z
4
value 0.00437
scoring_system epss
scoring_elements 0.63064
published_at 2026-04-04T12:55:00Z
5
value 0.00437
scoring_system epss
scoring_elements 0.63029
published_at 2026-04-07T12:55:00Z
6
value 0.00437
scoring_system epss
scoring_elements 0.6308
published_at 2026-04-08T12:55:00Z
7
value 0.00437
scoring_system epss
scoring_elements 0.63096
published_at 2026-04-09T12:55:00Z
8
value 0.00437
scoring_system epss
scoring_elements 0.63113
published_at 2026-04-11T12:55:00Z
9
value 0.00483
scoring_system epss
scoring_elements 0.6523
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41816
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41816
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41816
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
5
reference_url https://github.com/ruby/cgi
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/cgi
6
reference_url https://github.com/ruby/cgi/commit/959ccf0b6a672bcc64aeaa60c6e1f9e728f1e87f
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/cgi/commit/959ccf0b6a672bcc64aeaa60c6e1f9e728f1e87f
7
reference_url https://github.com/ruby/cgi/commit/ad079c1cb5f58eba1ffac46da79995fcf94a3a6e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/cgi/commit/ad079c1cb5f58eba1ffac46da79995fcf94a3a6e
8
reference_url https://github.com/ruby/cgi/commit/c6a37a671b556eb06140ea89cc465136b24207a6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/cgi/commit/c6a37a671b556eb06140ea89cc465136b24207a6
9
reference_url https://github.com/ruby/cgi/commit/c728632c1c09d46cfd4ecbff9caaa3651dd1002a
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/cgi/commit/c728632c1c09d46cfd4ecbff9caaa3651dd1002a
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cgi/CVE-2021-41816.yml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cgi/CVE-2021-41816.yml
11
reference_url https://groups.google.com/g/ruby-security-ann/c/4MQ568ZG47c
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/ruby-security-ann/c/4MQ568ZG47c
12
reference_url https://hackerone.com/reports/1328463
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1328463
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
21
reference_url https://security.gentoo.org/glsa/202401-27
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202401-27
22
reference_url https://security.netapp.com/advisory/ntap-20220303-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220303-0006
23
reference_url https://security.netapp.com/advisory/ntap-20220303-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220303-0006/
24
reference_url https://www.ruby-lang.org/en/news/2021/11/24/buffer-overrun-in-cgi-escape_html-cve-2021-41816
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2021/11/24/buffer-overrun-in-cgi-escape_html-cve-2021-41816
25
reference_url https://www.ruby-lang.org/en/news/2021/11/24/buffer-overrun-in-cgi-escape_html-cve-2021-41816/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2021/11/24/buffer-overrun-in-cgi-escape_html-cve-2021-41816/
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2026752
reference_id 2026752
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2026752
27
reference_url https://security.archlinux.org/AVG-2582
reference_id AVG-2582
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2582
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41816
reference_id CVE-2021-41816
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41816
29
reference_url https://security-tracker.debian.org/tracker/CVE-2021-41816
reference_id CVE-2021-41816
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2021-41816
30
reference_url https://github.com/advisories/GHSA-5cqm-crxm-6qpv
reference_id GHSA-5cqm-crxm-6qpv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5cqm-crxm-6qpv
31
reference_url https://access.redhat.com/errata/RHSA-2022:6855
reference_id RHSA-2022:6855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6855
32
reference_url https://access.redhat.com/errata/RHSA-2022:6856
reference_id RHSA-2022:6856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6856
33
reference_url https://usn.ubuntu.com/5235-1/
reference_id USN-5235-1
reference_type
scores
url https://usn.ubuntu.com/5235-1/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2021-41816, GHSA-5cqm-crxm-6qpv, GMS-2021-17
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfjn-m9zp-57c5
5
url VCID-mkq9-21q7-6kg6
vulnerability_id VCID-mkq9-21q7-6kg6
summary 
Regular expression denial of service vulnerability (ReDoS) in date
Date includes a ReDoS vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41817.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41817.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41817
reference_id
reference_type
scores
0
value 0.00495
scoring_system epss
scoring_elements 0.65795
published_at 2026-04-16T12:55:00Z
1
value 0.00495
scoring_system epss
scoring_elements 0.65761
published_at 2026-04-13T12:55:00Z
2
value 0.00495
scoring_system epss
scoring_elements 0.65791
published_at 2026-04-12T12:55:00Z
3
value 0.00495
scoring_system epss
scoring_elements 0.65725
published_at 2026-04-02T12:55:00Z
4
value 0.00495
scoring_system epss
scoring_elements 0.65676
published_at 2026-04-01T12:55:00Z
5
value 0.00495
scoring_system epss
scoring_elements 0.65755
published_at 2026-04-04T12:55:00Z
6
value 0.00495
scoring_system epss
scoring_elements 0.65721
published_at 2026-04-07T12:55:00Z
7
value 0.00495
scoring_system epss
scoring_elements 0.65774
published_at 2026-04-08T12:55:00Z
8
value 0.00495
scoring_system epss
scoring_elements 0.65805
published_at 2026-04-11T12:55:00Z
9
value 0.00495
scoring_system epss
scoring_elements 0.65784
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41817
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41816
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41816
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/ruby/date
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/date
11
reference_url https://github.com/ruby/date/commit/3959accef8da5c128f8a8e2fd54e932a4fb253b0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/date/commit/3959accef8da5c128f8a8e2fd54e932a4fb253b0
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/date/CVE-2021-41817.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/date/CVE-2021-41817.yml
13
reference_url https://hackerone.com/reports/1254844
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1254844
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
22
reference_url https://security.gentoo.org/glsa/202401-27
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202401-27
23
reference_url https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817
24
reference_url https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2025104
reference_id 2025104
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2025104
26
reference_url https://security.archlinux.org/AVG-2555
reference_id AVG-2555
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2555
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41817
reference_id CVE-2021-41817
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41817
28
reference_url https://github.com/advisories/GHSA-qg54-694p-wgpp
reference_id GHSA-qg54-694p-wgpp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qg54-694p-wgpp
29
reference_url https://access.redhat.com/errata/RHSA-2022:0543
reference_id RHSA-2022:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0543
30
reference_url https://access.redhat.com/errata/RHSA-2022:0544
reference_id RHSA-2022:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0544
31
reference_url https://access.redhat.com/errata/RHSA-2022:0581
reference_id RHSA-2022:0581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0581
32
reference_url https://access.redhat.com/errata/RHSA-2022:0582
reference_id RHSA-2022:0582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0582
33
reference_url https://access.redhat.com/errata/RHSA-2022:0708
reference_id RHSA-2022:0708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0708
34
reference_url https://access.redhat.com/errata/RHSA-2022:5779
reference_id RHSA-2022:5779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5779
35
reference_url https://access.redhat.com/errata/RHSA-2022:6447
reference_id RHSA-2022:6447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6447
36
reference_url https://access.redhat.com/errata/RHSA-2022:6450
reference_id RHSA-2022:6450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6450
37
reference_url https://access.redhat.com/errata/RHSA-2022:6855
reference_id RHSA-2022:6855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6855
38
reference_url https://access.redhat.com/errata/RHSA-2022:6856
reference_id RHSA-2022:6856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6856
39
reference_url https://usn.ubuntu.com/5235-1/
reference_id USN-5235-1
reference_type
scores
url https://usn.ubuntu.com/5235-1/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2021-41817, GHSA-qg54-694p-wgpp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkq9-21q7-6kg6
6
url VCID-qwh3-25yu-qfga
vulnerability_id VCID-qwh3-25yu-qfga
summary Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28738.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28738.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28738
reference_id
reference_type
scores
0
value 0.00371
scoring_system epss
scoring_elements 0.58964
published_at 2026-04-16T12:55:00Z
1
value 0.00371
scoring_system epss
scoring_elements 0.58949
published_at 2026-04-12T12:55:00Z
2
value 0.00371
scoring_system epss
scoring_elements 0.5893
published_at 2026-04-13T12:55:00Z
3
value 0.00371
scoring_system epss
scoring_elements 0.58902
published_at 2026-04-02T12:55:00Z
4
value 0.00371
scoring_system epss
scoring_elements 0.58923
published_at 2026-04-04T12:55:00Z
5
value 0.00371
scoring_system epss
scoring_elements 0.5889
published_at 2026-04-07T12:55:00Z
6
value 0.00371
scoring_system epss
scoring_elements 0.58942
published_at 2026-04-08T12:55:00Z
7
value 0.00371
scoring_system epss
scoring_elements 0.58948
published_at 2026-04-09T12:55:00Z
8
value 0.00371
scoring_system epss
scoring_elements 0.58967
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28738
2
reference_url https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2075685
reference_id 2075685
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2075685
4
reference_url https://security.archlinux.org/AVG-2757
reference_id AVG-2757
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2757
5
reference_url https://access.redhat.com/errata/RHSA-2022:6450
reference_id RHSA-2022:6450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6450
6
reference_url https://access.redhat.com/errata/RHSA-2022:6585
reference_id RHSA-2022:6585
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6585
7
reference_url https://access.redhat.com/errata/RHSA-2022:6855
reference_id RHSA-2022:6855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6855
8
reference_url https://usn.ubuntu.com/5462-1/
reference_id USN-5462-1
reference_type
scores
url https://usn.ubuntu.com/5462-1/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2022-28738, GHSA-8pqg-8p79-j5j8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qwh3-25yu-qfga
7
url VCID-t9y5-hd9b-bkc4
vulnerability_id VCID-t9y5-hd9b-bkc4
summary Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31810.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31810.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-31810
reference_id
reference_type
scores
0
value 0.00632
scoring_system epss
scoring_elements 0.70265
published_at 2026-04-01T12:55:00Z
1
value 0.00632
scoring_system epss
scoring_elements 0.7037
published_at 2026-04-16T12:55:00Z
2
value 0.00632
scoring_system epss
scoring_elements 0.70316
published_at 2026-04-08T12:55:00Z
3
value 0.00632
scoring_system epss
scoring_elements 0.70331
published_at 2026-04-09T12:55:00Z
4
value 0.00632
scoring_system epss
scoring_elements 0.70354
published_at 2026-04-11T12:55:00Z
5
value 0.00632
scoring_system epss
scoring_elements 0.70339
published_at 2026-04-12T12:55:00Z
6
value 0.00632
scoring_system epss
scoring_elements 0.70326
published_at 2026-04-13T12:55:00Z
7
value 0.00632
scoring_system epss
scoring_elements 0.70277
published_at 2026-04-02T12:55:00Z
8
value 0.00632
scoring_system epss
scoring_elements 0.70295
published_at 2026-04-04T12:55:00Z
9
value 0.00632
scoring_system epss
scoring_elements 0.70271
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-31810
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-31810
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements
1
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2021-31810
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014818
reference_id 1014818
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014818
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1980126
reference_id 1980126
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1980126
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990815
reference_id 990815
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990815
13
reference_url https://security.archlinux.org/ASA-202107-23
reference_id ASA-202107-23
reference_type
scores
url https://security.archlinux.org/ASA-202107-23
14
reference_url https://security.archlinux.org/AVG-1906
reference_id AVG-1906
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1906
15
reference_url https://security.archlinux.org/AVG-2138
reference_id AVG-2138
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2138
16
reference_url https://access.redhat.com/errata/RHSA-2021:3020
reference_id RHSA-2021:3020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3020
17
reference_url https://access.redhat.com/errata/RHSA-2021:3559
reference_id RHSA-2021:3559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3559
18
reference_url https://access.redhat.com/errata/RHSA-2021:3982
reference_id RHSA-2021:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3982
19
reference_url https://access.redhat.com/errata/RHSA-2022:0543
reference_id RHSA-2022:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0543
20
reference_url https://access.redhat.com/errata/RHSA-2022:0544
reference_id RHSA-2022:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0544
21
reference_url https://access.redhat.com/errata/RHSA-2022:0581
reference_id RHSA-2022:0581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0581
22
reference_url https://access.redhat.com/errata/RHSA-2022:0582
reference_id RHSA-2022:0582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0582
23
reference_url https://access.redhat.com/errata/RHSA-2022:0672
reference_id RHSA-2022:0672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0672
24
reference_url https://access.redhat.com/errata/RHSA-2022:0708
reference_id RHSA-2022:0708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0708
25
reference_url https://usn.ubuntu.com/5020-1/
reference_id USN-5020-1
reference_type
scores
url https://usn.ubuntu.com/5020-1/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2021-31810, GHSA-wr95-679j-87v9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t9y5-hd9b-bkc4
8
url VCID-uxdx-abx7-fkdy
vulnerability_id VCID-uxdx-abx7-fkdy
summary 
Ruby URI component ReDoS issue
A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28755.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28755.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28755
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55265
published_at 2026-04-13T12:55:00Z
1
value 0.00322
scoring_system epss
scoring_elements 0.55283
published_at 2026-04-12T12:55:00Z
2
value 0.00322
scoring_system epss
scoring_elements 0.55304
published_at 2026-04-11T12:55:00Z
3
value 0.00322
scoring_system epss
scoring_elements 0.55292
published_at 2026-04-09T12:55:00Z
4
value 0.00322
scoring_system epss
scoring_elements 0.55291
published_at 2026-04-08T12:55:00Z
5
value 0.00322
scoring_system epss
scoring_elements 0.55241
published_at 2026-04-07T12:55:00Z
6
value 0.00322
scoring_system epss
scoring_elements 0.55263
published_at 2026-04-04T12:55:00Z
7
value 0.00322
scoring_system epss
scoring_elements 0.55239
published_at 2026-04-02T12:55:00Z
8
value 0.00357
scoring_system epss
scoring_elements 0.57963
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28755
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28755
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28755
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/ruby/uri
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/uri
5
reference_url https://github.com/ruby/uri/releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/uri/releases
6
reference_url https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html
7
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00000.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00000.html
8
reference_url https://lists.debian.org/debian-lts-announce/2025/05/msg00015.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/05/msg00015.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27LUWREIFTP3MQAW7QE4PJM4DPAQJWXF
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27LUWREIFTP3MQAW7QE4PJM4DPAQJWXF
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QA6XUKUY7B5OLNQBLHOT43UW7C5NIOQQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QA6XUKUY7B5OLNQBLHOT43UW7C5NIOQQ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27LUWREIFTP3MQAW7QE4PJM4DPAQJWXF
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27LUWREIFTP3MQAW7QE4PJM4DPAQJWXF
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
18
reference_url https://security.gentoo.org/glsa/202401-27
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://security.gentoo.org/glsa/202401-27
19
reference_url https://security.netapp.com/advisory/ntap-20230526-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230526-0003
20
reference_url https://www.ruby-lang.org/en/downloads/releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/downloads/releases
21
reference_url https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released
22
reference_url https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036283
reference_id 1036283
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036283
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038408
reference_id 1038408
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038408
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2184059
reference_id 2184059
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2184059
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27LUWREIFTP3MQAW7QE4PJM4DPAQJWXF/
reference_id 27LUWREIFTP3MQAW7QE4PJM4DPAQJWXF
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27LUWREIFTP3MQAW7QE4PJM4DPAQJWXF/
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-28755
reference_id CVE-2023-28755
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-28755
28
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/uri/CVE-2023-28755.yml
reference_id CVE-2023-28755.YML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/uri/CVE-2023-28755.yml
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA/
reference_id FFZANOQA4RYX7XCB42OO3P24DQKWHEKA
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFZANOQA4RYX7XCB42OO3P24DQKWHEKA/
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T/
reference_id G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G76GZG3RAGYF4P75YY7J7TGYAU7Z5E2T/
31
reference_url https://github.com/advisories/GHSA-hv5j-3h9f-99c2
reference_id GHSA-hv5j-3h9f-99c2
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hv5j-3h9f-99c2
32
reference_url https://security.netapp.com/advisory/ntap-20230526-0003/
reference_id ntap-20230526-0003
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://security.netapp.com/advisory/ntap-20230526-0003/
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QA6XUKUY7B5OLNQBLHOT43UW7C5NIOQQ/
reference_id QA6XUKUY7B5OLNQBLHOT43UW7C5NIOQQ
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QA6XUKUY7B5OLNQBLHOT43UW7C5NIOQQ/
34
reference_url https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
reference_id redos-in-uri-cve-2023-28755
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
35
reference_url https://github.com/ruby/uri/releases/
reference_id releases
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://github.com/ruby/uri/releases/
36
reference_url https://www.ruby-lang.org/en/downloads/releases/
reference_id releases
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://www.ruby-lang.org/en/downloads/releases/
37
reference_url https://access.redhat.com/errata/RHSA-2023:3291
reference_id RHSA-2023:3291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3291
38
reference_url https://access.redhat.com/errata/RHSA-2023:3821
reference_id RHSA-2023:3821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3821
39
reference_url https://access.redhat.com/errata/RHSA-2023:7025
reference_id RHSA-2023:7025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7025
40
reference_url https://access.redhat.com/errata/RHSA-2024:1431
reference_id RHSA-2024:1431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1431
41
reference_url https://access.redhat.com/errata/RHSA-2024:1576
reference_id RHSA-2024:1576
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1576
42
reference_url https://access.redhat.com/errata/RHSA-2024:3500
reference_id RHSA-2024:3500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3500
43
reference_url https://access.redhat.com/errata/RHSA-2024:3838
reference_id RHSA-2024:3838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3838
44
reference_url https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released/
reference_id ruby-3-2-0-released
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released/
45
reference_url https://usn.ubuntu.com/6055-1/
reference_id USN-6055-1
reference_type
scores
url https://usn.ubuntu.com/6055-1/
46
reference_url https://usn.ubuntu.com/6055-2/
reference_id USN-6055-2
reference_type
scores
url https://usn.ubuntu.com/6055-2/
47
reference_url https://usn.ubuntu.com/6087-1/
reference_id USN-6087-1
reference_type
scores
url https://usn.ubuntu.com/6087-1/
48
reference_url https://usn.ubuntu.com/6181-1/
reference_id USN-6181-1
reference_type
scores
url https://usn.ubuntu.com/6181-1/
49
reference_url https://usn.ubuntu.com/6219-1/
reference_id USN-6219-1
reference_type
scores
url https://usn.ubuntu.com/6219-1/
50
reference_url https://usn.ubuntu.com/7735-1/
reference_id USN-7735-1
reference_type
scores
url https://usn.ubuntu.com/7735-1/
51
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z/
reference_id WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T19:38:26Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMIOPLBAAM3FEQNAXA2L7BDKOGSVUT5Z/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2023-28755, GHSA-hv5j-3h9f-99c2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uxdx-abx7-fkdy
9
url VCID-vcz9-dvf4-47am
vulnerability_id VCID-vcz9-dvf4-47am
summary Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25613.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25613.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25613
reference_id
reference_type
scores
0
value 0.00271
scoring_system epss
scoring_elements 0.50623
published_at 2026-04-16T12:55:00Z
1
value 0.00271
scoring_system epss
scoring_elements 0.50581
published_at 2026-04-13T12:55:00Z
2
value 0.00271
scoring_system epss
scoring_elements 0.50595
published_at 2026-04-12T12:55:00Z
3
value 0.00271
scoring_system epss
scoring_elements 0.50618
published_at 2026-04-11T12:55:00Z
4
value 0.00271
scoring_system epss
scoring_elements 0.50575
published_at 2026-04-09T12:55:00Z
5
value 0.00271
scoring_system epss
scoring_elements 0.50487
published_at 2026-04-01T12:55:00Z
6
value 0.00271
scoring_system epss
scoring_elements 0.50579
published_at 2026-04-08T12:55:00Z
7
value 0.00271
scoring_system epss
scoring_elements 0.50524
published_at 2026-04-07T12:55:00Z
8
value 0.00271
scoring_system epss
scoring_elements 0.50544
published_at 2026-04-02T12:55:00Z
9
value 0.00271
scoring_system epss
scoring_elements 0.50571
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25613
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25613
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25613
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2020-25613.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2020-25613.yml
5
reference_url https://github.com/ruby/webrick
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/webrick
6
reference_url https://github.com/ruby/webrick/commit/076ac636bf48b7a492887ce4de7041de23e6c00d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/webrick/commit/076ac636bf48b7a492887ce4de7041de23e6c00d
7
reference_url https://github.com/ruby/webrick/commit/7618049fa57ddad2efff2a7bc7dad7d2d8a311b1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/webrick/commit/7618049fa57ddad2efff2a7bc7dad7d2d8a311b1
8
reference_url https://github.com/ruby/webrick/commit/8946bb38b4d87549f0d99ed73c62c41933f97cc7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/webrick/commit/8946bb38b4d87549f0d99ed73c62c41933f97cc7
9
reference_url https://github.com/ruby/webrick/commit/af2efdcdf826f25592202d187c53963e7932e4b9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ruby/webrick/commit/af2efdcdf826f25592202d187c53963e7932e4b9
10
reference_url https://hackerone.com/reports/965267
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/965267
11
reference_url https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFP3E7KXXT3H3KA6CBZPUOGA5VPFARRJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFP3E7KXXT3H3KA6CBZPUOGA5VPFARRJ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTZURYROG3FFED3TYCQOBV66BS4K6WOV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTZURYROG3FFED3TYCQOBV66BS4K6WOV
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFP3E7KXXT3H3KA6CBZPUOGA5VPFARRJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFP3E7KXXT3H3KA6CBZPUOGA5VPFARRJ
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTZURYROG3FFED3TYCQOBV66BS4K6WOV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTZURYROG3FFED3TYCQOBV66BS4K6WOV
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25613
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25613
17
reference_url https://security.gentoo.org/glsa/202401-27
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202401-27
18
reference_url https://security.netapp.com/advisory/ntap-20210115-0008
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210115-0008
19
reference_url https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613
20
reference_url https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1883623
reference_id 1883623
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1883623
22
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972230
reference_id 972230
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972230
23
reference_url https://github.com/advisories/GHSA-gwfg-cqmg-cf8f
reference_id GHSA-gwfg-cqmg-cf8f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gwfg-cqmg-cf8f
24
reference_url https://access.redhat.com/errata/RHSA-2021:2104
reference_id RHSA-2021:2104
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2104
25
reference_url https://access.redhat.com/errata/RHSA-2021:2229
reference_id RHSA-2021:2229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2229
26
reference_url https://access.redhat.com/errata/RHSA-2021:2230
reference_id RHSA-2021:2230
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2230
27
reference_url https://access.redhat.com/errata/RHSA-2021:2584
reference_id RHSA-2021:2584
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2584
28
reference_url https://access.redhat.com/errata/RHSA-2021:2587
reference_id RHSA-2021:2587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2587
29
reference_url https://access.redhat.com/errata/RHSA-2021:2588
reference_id RHSA-2021:2588
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2588
30
reference_url https://access.redhat.com/errata/RHSA-2022:0581
reference_id RHSA-2022:0581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0581
31
reference_url https://access.redhat.com/errata/RHSA-2022:0582
reference_id RHSA-2022:0582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0582
32
reference_url https://usn.ubuntu.com/4882-1/
reference_id USN-4882-1
reference_type
scores
url https://usn.ubuntu.com/4882-1/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2020-25613, GHSA-gwfg-cqmg-cf8f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vcz9-dvf4-47am
10
url VCID-xkby-43zv-x3f7
vulnerability_id VCID-xkby-43zv-x3f7
summary Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32066.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32066.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32066
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22303
published_at 2026-04-01T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22381
published_at 2026-04-16T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22384
published_at 2026-04-08T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.22439
published_at 2026-04-09T12:55:00Z
4
value 0.00074
scoring_system epss
scoring_elements 0.2246
published_at 2026-04-11T12:55:00Z
5
value 0.00074
scoring_system epss
scoring_elements 0.22419
published_at 2026-04-12T12:55:00Z
6
value 0.00074
scoring_system epss
scoring_elements 0.22364
published_at 2026-04-13T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22468
published_at 2026-04-02T12:55:00Z
8
value 0.00074
scoring_system epss
scoring_elements 0.22514
published_at 2026-04-04T12:55:00Z
9
value 0.00074
scoring_system epss
scoring_elements 0.22302
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32066
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28965
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31799
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32066
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41817
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41819
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32066
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2021-32066
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014818
reference_id 1014818
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014818
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1980128
reference_id 1980128
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1980128
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990815
reference_id 990815
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990815
13
reference_url https://security.archlinux.org/ASA-202107-23
reference_id ASA-202107-23
reference_type
scores
url https://security.archlinux.org/ASA-202107-23
14
reference_url https://security.archlinux.org/AVG-1906
reference_id AVG-1906
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1906
15
reference_url https://security.archlinux.org/AVG-2138
reference_id AVG-2138
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2138
16
reference_url https://access.redhat.com/errata/RHSA-2021:3020
reference_id RHSA-2021:3020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3020
17
reference_url https://access.redhat.com/errata/RHSA-2021:3559
reference_id RHSA-2021:3559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3559
18
reference_url https://access.redhat.com/errata/RHSA-2021:3982
reference_id RHSA-2021:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3982
19
reference_url https://access.redhat.com/errata/RHSA-2022:0543
reference_id RHSA-2022:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0543
20
reference_url https://access.redhat.com/errata/RHSA-2022:0544
reference_id RHSA-2022:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0544
21
reference_url https://access.redhat.com/errata/RHSA-2022:0581
reference_id RHSA-2022:0581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0581
22
reference_url https://access.redhat.com/errata/RHSA-2022:0582
reference_id RHSA-2022:0582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0582
23
reference_url https://access.redhat.com/errata/RHSA-2022:0672
reference_id RHSA-2022:0672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0672
24
reference_url https://access.redhat.com/errata/RHSA-2022:0708
reference_id RHSA-2022:0708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0708
25
reference_url https://usn.ubuntu.com/5020-1/
reference_id USN-5020-1
reference_type
scores
url https://usn.ubuntu.com/5020-1/
fixed_packages
0
url pkg:ebuild/dev-lang/ruby@2.5.9
purl pkg:ebuild/dev-lang/ruby@2.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.5.9
1
url pkg:ebuild/dev-lang/ruby@2.6.10
purl pkg:ebuild/dev-lang/ruby@2.6.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.6.10
2
url pkg:ebuild/dev-lang/ruby@2.7.8
purl pkg:ebuild/dev-lang/ruby@2.7.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8
3
url pkg:ebuild/dev-lang/ruby@3.0.6
purl pkg:ebuild/dev-lang/ruby@3.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.0.6
4
url pkg:ebuild/dev-lang/ruby@3.1.4
purl pkg:ebuild/dev-lang/ruby@3.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.1.4
5
url pkg:ebuild/dev-lang/ruby@3.2.2
purl pkg:ebuild/dev-lang/ruby@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@3.2.2
aliases CVE-2021-32066, GHSA-gx49-h5r3-q3xj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xkby-43zv-x3f7
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@2.7.8