Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-mtmk-9yt6-s3gv

Summary ruby: Heap-based buffer overflow in the rb_str_justify() function

Aliases

alias	CVE-2009-4124

alias	GHSA-9mvm-2xp2-9wmw

alias	OSV-60880

Fixed_packages

Affected_packages

url pkg:ruby/ruby@1.9

purl pkg:ruby/ruby@1.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5e5v-pmb2-zkba

vulnerability	VCID-e58n-x5ra-6ybq

vulnerability	VCID-ggcn-qfts-rbeu

vulnerability	VCID-m6vt-b9kt-93hw

vulnerability	VCID-mtmk-9yt6-s3gv

resource_url http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.9

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4124.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4124.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-4124

reference_id

reference_type

scores

value	0.01934
scoring_system	epss
scoring_elements	0.83332
published_at	2026-04-01T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83347
published_at	2026-04-02T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83362
published_at	2026-04-04T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83361
published_at	2026-04-07T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83385
published_at	2026-04-08T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83394
published_at	2026-04-09T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83409
published_at	2026-04-11T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83404
published_at	2026-04-12T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83399
published_at	2026-04-13T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83435
published_at	2026-04-16T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83436
published_at	2026-04-21T12:55:00Z

value	0.01934
scoring_system	epss
scoring_elements	0.83459
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-4124

reference_url	https://www.ruby-lang.org/en/news/2009/12/07/heap-overflow-in-string
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2009/12/07/heap-overflow-in-string

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=959916
reference_id	959916
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=959916

reference_url	https://usn.ubuntu.com/900-1/
reference_id	USN-900-1
reference_type
scores
url	https://usn.ubuntu.com/900-1/

Weaknesses

cwe_id	122
name	Heap-based Buffer Overflow
description	A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Exploits

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mtmk-9yt6-s3gv

Vulnerability Instance