Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-4yvc-uzev-wua4

Summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

Aliases

alias	CVE-2008-3655

alias	GHSA-p524-ppf2-w36w

Fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

Affected_packages

url pkg:rpm/redhat/ruby@1.6.4-7?arch=el2

purl pkg:rpm/redhat/ruby@1.6.4-7?arch=el2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-qjwb-ph9u-bubf

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.6.4-7%3Farch=el2

url pkg:rpm/redhat/ruby@1.6.8-13?arch=el3

purl pkg:rpm/redhat/ruby@1.6.8-13?arch=el3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qjwb-ph9u-bubf

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.6.8-13%3Farch=el3

url pkg:rpm/redhat/ruby@1.8.1-7.el4_7?arch=1

purl pkg:rpm/redhat/ruby@1.8.1-7.el4_7?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-a15m-bcma-vfa7

vulnerability	VCID-fw7k-88kf-1kgg

vulnerability	VCID-m6vt-b9kt-93hw

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qjwb-ph9u-bubf

vulnerability	VCID-r8r3-3x8p-ebh5

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.8.1-7.el4_7%3Farch=1

url pkg:rpm/redhat/ruby@1.8.5-5.el5_2?arch=5

purl pkg:rpm/redhat/ruby@1.8.5-5.el5_2?arch=5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-a15m-bcma-vfa7

vulnerability	VCID-fw7k-88kf-1kgg

vulnerability	VCID-m6vt-b9kt-93hw

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qjwb-ph9u-bubf

vulnerability	VCID-r8r3-3x8p-ebh5

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.8.5-5.el5_2%3Farch=5

url pkg:ruby/ruby@1.8.7

purl pkg:ruby/ruby@1.8.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-8fbf-8fea-27d9

vulnerability	VCID-94vg-kqhg-qfdv

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-9ukz-9357-aqb6

vulnerability	VCID-a15m-bcma-vfa7

vulnerability	VCID-bv9s-j5yk-m3aw

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-ea13-mua4-1fb9

vulnerability	VCID-fw7k-88kf-1kgg

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nsa4-b31c-37g2

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qjwb-ph9u-bubf

vulnerability	VCID-xtny-ychb-fff1

vulnerability	VCID-ynyp-ybd9-57df

resource_url http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.7

url pkg:ruby/ruby@1.8.8

purl pkg:ruby/ruby@1.8.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ww6-w1k6-xqbp

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-8fbf-8fea-27d9

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-9ukz-9357-aqb6

vulnerability	VCID-a15m-bcma-vfa7

vulnerability	VCID-ar57-vndq-yka6

vulnerability	VCID-bjts-v9q2-9yg8

vulnerability	VCID-bv9s-j5yk-m3aw

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-ea13-mua4-1fb9

vulnerability	VCID-fw7k-88kf-1kgg

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nsa4-b31c-37g2

vulnerability	VCID-nxub-6qsu-hbhk

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qjwb-ph9u-bubf

vulnerability	VCID-r8r3-3x8p-ebh5

vulnerability	VCID-rh8q-s45v-xbhg

vulnerability	VCID-weh8-bs3g-a3hp

vulnerability	VCID-xtny-ychb-fff1

resource_url http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.8

References

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3655

reference_id

reference_type

scores

value	0.29733
scoring_system	epss
scoring_elements	0.96633
published_at	2026-04-16T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96594
published_at	2026-04-01T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96603
published_at	2026-04-02T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96608
published_at	2026-04-04T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96611
published_at	2026-04-07T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96619
published_at	2026-04-08T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96621
published_at	2026-04-09T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96624
published_at	2026-04-12T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96627
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3655

reference_url	http://secunia.com/advisories/31430
reference_id
reference_type
scores
url	http://secunia.com/advisories/31430

reference_url	http://secunia.com/advisories/31697
reference_id
reference_type
scores
url	http://secunia.com/advisories/31697

reference_url	http://secunia.com/advisories/32165
reference_id
reference_type
scores
url	http://secunia.com/advisories/32165

reference_url	http://secunia.com/advisories/32219
reference_id
reference_type
scores
url	http://secunia.com/advisories/32219

reference_url	http://secunia.com/advisories/32255
reference_id
reference_type
scores
url	http://secunia.com/advisories/32255

reference_url	http://secunia.com/advisories/32256
reference_id
reference_type
scores
url	http://secunia.com/advisories/32256

reference_url	http://secunia.com/advisories/32371
reference_id
reference_type
scores
url	http://secunia.com/advisories/32371

reference_url	http://secunia.com/advisories/32372
reference_id
reference_type
scores
url	http://secunia.com/advisories/32372

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44369
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44369

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html

reference_url	https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264

reference_url	http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1651

reference_url	http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1652

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0895.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0895.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0897.html

reference_url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

reference_url	http://www.securityfocus.com/archive/1/495884/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495884/100/0/threaded

reference_url	http://www.securityfocus.com/bid/30644
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30644

reference_url	http://www.securitytracker.com/id?1020656
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020656

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2334

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=458948
reference_id	458948
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=458948

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p286::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3655

reference_id

CVE-2008-3655

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3655

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb
reference_id	CVE-2008-3655;OSVDB-47470
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb
reference_id	CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0895
reference_id	RHSA-2008:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0895

reference_url	https://access.redhat.com/errata/RHSA-2008:0896
reference_id	RHSA-2008:0896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0896

reference_url	https://access.redhat.com/errata/RHSA-2008:0897
reference_id	RHSA-2008:0897
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0897

reference_url	https://usn.ubuntu.com/651-1/
reference_id	USN-651-1
reference_type
scores
url	https://usn.ubuntu.com/651-1/

Weaknesses

cwe_id	264
name	Permissions, Privileges, and Access Controls
description	Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Exploits

date_added	2008-08-11
description	Ruby 1.9 dl - Module DL.dlopen Arbitrary Library Access
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2008-08-11
exploit_type	remote
platform	multiple
source_date_updated	2016-12-21
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/30644/info

Severity_range_score 7.5 - 7.5

Exploitability 2.0

Weighted_severity 6.8

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvc-uzev-wua4

Vulnerability Instance