Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/7975?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7975?format=api", "vulnerability_id": "VCID-1svp-fwt6-pbey", "summary": "SMTP Injection via to/from addresses\nThe mail package does not disallow CRLF in email addresses; an attacker can inject SMTP commands in specially crafted email addresses passed to `RCPT TO` and `MAIL FROM`.", "aliases": [ { "alias": "CVE-2015-9097" }, { "alias": "GHSA-q86f-fmqf-qrf6" }, { "alias": "OSV-131677" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/938240?format=api", "purl": "pkg:deb/debian/ruby-mail@2.6.1%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.6.1%252Bdfsg1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049318?format=api", "purl": "pkg:deb/debian/ruby-mail@2.6.1%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.6.1%252Bdfsg1-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/938237?format=api", "purl": "pkg:deb/debian/ruby-mail@2.7.1%2Bdfsg1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.7.1%252Bdfsg1-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/938235?format=api", "purl": "pkg:deb/debian/ruby-mail@2.7.1%2Bdfsg1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.7.1%252Bdfsg1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/938239?format=api", "purl": "pkg:deb/debian/ruby-mail@2.8.1%2Bdfsg1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.8.1%252Bdfsg1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/938238?format=api", "purl": "pkg:deb/debian/ruby-mail@2.9.0%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.9.0%252Bdfsg1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/24286?format=api", "purl": "pkg:gem/mail@2.5.5.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.5.5.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/68295?format=api", "purl": "pkg:gem/mail@2.5.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.5.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/24287?format=api", "purl": "pkg:gem/mail@2.6.6.rc1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.6.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24288?format=api", "purl": "pkg:gem/mail@2.7.0.rc1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.7.0.rc1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049316?format=api", "purl": "pkg:deb/debian/ruby-mail@2.4.4-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.4.4-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049317?format=api", "purl": "pkg:deb/debian/ruby-mail@2.5.4-3~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.5.4-3~bpo70%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131059?format=api", "purl": "pkg:gem/mail@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/131060?format=api", "purl": "pkg:gem/mail@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/131061?format=api", "purl": "pkg:gem/mail@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131062?format=api", "purl": "pkg:gem/mail@1.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/131063?format=api", "purl": "pkg:gem/mail@1.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/131064?format=api", "purl": "pkg:gem/mail@1.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/131065?format=api", "purl": "pkg:gem/mail@1.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/131066?format=api", "purl": "pkg:gem/mail@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/131067?format=api", "purl": "pkg:gem/mail@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131068?format=api", "purl": "pkg:gem/mail@1.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/131069?format=api", "purl": "pkg:gem/mail@1.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/131070?format=api", "purl": "pkg:gem/mail@1.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/131071?format=api", "purl": "pkg:gem/mail@1.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/131072?format=api", "purl": "pkg:gem/mail@1.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/131073?format=api", "purl": "pkg:gem/mail@1.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131074?format=api", "purl": "pkg:gem/mail@1.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/131075?format=api", "purl": "pkg:gem/mail@1.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/131076?format=api", "purl": "pkg:gem/mail@1.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/131077?format=api", "purl": "pkg:gem/mail@1.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131078?format=api", "purl": "pkg:gem/mail@1.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/131079?format=api", "purl": "pkg:gem/mail@1.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/131080?format=api", "purl": "pkg:gem/mail@1.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/131081?format=api", "purl": "pkg:gem/mail@1.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/131082?format=api", "purl": "pkg:gem/mail@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/131083?format=api", "purl": "pkg:gem/mail@2.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/131084?format=api", "purl": "pkg:gem/mail@2.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/131085?format=api", "purl": "pkg:gem/mail@2.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131086?format=api", "purl": "pkg:gem/mail@2.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/131087?format=api", "purl": "pkg:gem/mail@2.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/131088?format=api", "purl": "pkg:gem/mail@2.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/131089?format=api", "purl": "pkg:gem/mail@2.1.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131090?format=api", "purl": "pkg:gem/mail@2.1.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/131091?format=api", "purl": "pkg:gem/mail@2.1.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/131092?format=api", "purl": "pkg:gem/mail@2.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/131093?format=api", "purl": "pkg:gem/mail@2.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131094?format=api", "purl": "pkg:gem/mail@2.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/131095?format=api", "purl": "pkg:gem/mail@2.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/131096?format=api", "purl": "pkg:gem/mail@2.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/131097?format=api", "purl": "pkg:gem/mail@2.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/131098?format=api", "purl": "pkg:gem/mail@2.2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131099?format=api", "purl": "pkg:gem/mail@2.2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/131100?format=api", "purl": "pkg:gem/mail@2.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/131101?format=api", "purl": "pkg:gem/mail@2.2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131102?format=api", "purl": "pkg:gem/mail@2.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/131103?format=api", "purl": "pkg:gem/mail@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/131104?format=api", "purl": "pkg:gem/mail@2.2.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/131105?format=api", "purl": "pkg:gem/mail@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/131106?format=api", "purl": "pkg:gem/mail@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/131107?format=api", "purl": "pkg:gem/mail@2.2.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/131108?format=api", "purl": "pkg:gem/mail@2.2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/20002?format=api", "purl": "pkg:gem/mail@2.2.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-m9tp-apd1-z7c6" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/20003?format=api", "purl": "pkg:gem/mail@2.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/131412?format=api", "purl": "pkg:gem/mail@2.2.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/131413?format=api", "purl": "pkg:gem/mail@2.2.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/131414?format=api", "purl": "pkg:gem/mail@2.2.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/131415?format=api", "purl": "pkg:gem/mail@2.2.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/162389?format=api", "purl": "pkg:gem/mail@2.2.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/131416?format=api", "purl": "pkg:gem/mail@2.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/20077?format=api", "purl": "pkg:gem/mail@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/147990?format=api", "purl": "pkg:gem/mail@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/131417?format=api", "purl": "pkg:gem/mail@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/20078?format=api", "purl": "pkg:gem/mail@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20079?format=api", "purl": "pkg:gem/mail@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" }, { "vulnerability": "VCID-3xkv-ckqz-r3dx" }, { "vulnerability": "VCID-z8cv-3uer-pqbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20080?format=api", "purl": "pkg:gem/mail@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/162390?format=api", "purl": "pkg:gem/mail@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/162391?format=api", "purl": "pkg:gem/mail@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/162392?format=api", "purl": "pkg:gem/mail@2.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.5.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24286?format=api", "purl": "pkg:gem/mail@2.5.5.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.5.5.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24284?format=api", "purl": "pkg:gem/mail@2.6.0.alpha0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.0.alpha0" }, { "url": "http://public2.vulnerablecode.io/api/packages/162393?format=api", "purl": "pkg:gem/mail@2.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/162394?format=api", "purl": "pkg:gem/mail@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/162395?format=api", "purl": "pkg:gem/mail@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/162396?format=api", "purl": "pkg:gem/mail@2.6.4.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.4.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/162397?format=api", "purl": "pkg:gem/mail@2.6.4.rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.4.rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/162398?format=api", "purl": "pkg:gem/mail@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/162399?format=api", "purl": "pkg:gem/mail@2.6.5.rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.5.rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/162400?format=api", "purl": "pkg:gem/mail@2.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/24285?format=api", "purl": "pkg:gem/mail@2.7.0.alpha0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svp-fwt6-pbey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.7.0.alpha0" } ], "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2015/12/11/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/12/11/3" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9097.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9097.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-9097", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77273", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77172", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77179", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77208", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77221", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.7723", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77257", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77237", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77233", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01021", "scoring_system": "epss", "scoring_elements": "0.77272", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-9097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9097" }, { "reference_url": "https://github.com/advisories/GHSA-q86f-fmqf-qrf6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q86f-fmqf-qrf6" }, { "reference_url": "https://github.com/mikel/mail", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/mikel/mail" }, { "reference_url": "https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83" }, { "reference_url": "https://github.com/mikel/mail/pull/1097", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/mikel/mail/pull/1097" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/issues/215", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/issues/215" }, { "reference_url": "https://hackerone.com/reports/137631", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://hackerone.com/reports/137631" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9097", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9097" }, { "reference_url": "https://rubysec.com/advisories/mail-OSVDB-131677", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rubysec.com/advisories/mail-OSVDB-131677" }, { "reference_url": "http://www.mbsd.jp/Whitepaper/smtpi.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mbsd.jp/Whitepaper/smtpi.pdf" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293598", "reference_id": "1293598", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293598" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 93, "name": "Improper Neutralization of CRLF Sequences ('CRLF Injection')", "description": "The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 88, "name": "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", "description": "The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1svp-fwt6-pbey" }