Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-e58n-x5ra-6ybq

Summary

Ruby on Windows ARGF.inplace_mode Variable Local Overflow
Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might
allow local users to gain privileges via a crafted ARGF.inplace_mode
value that is not properly handled when constructing the filenames
of the backup files.

Aliases

alias	CVE-2010-2489

alias	GHSA-pj28-mx3m-9668

alias	OSV-66040

Fixed_packages

Affected_packages

url pkg:ruby/ruby@1.9

purl pkg:ruby/ruby@1.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5e5v-pmb2-zkba

vulnerability	VCID-e58n-x5ra-6ybq

vulnerability	VCID-ggcn-qfts-rbeu

vulnerability	VCID-m6vt-b9kt-93hw

vulnerability	VCID-mtmk-9yt6-s3gv

resource_url http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.9

url pkg:ruby/ruby@1.9.2

purl pkg:ruby/ruby@1.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cvs2-zecm-z3h8

vulnerability	VCID-dh8q-zyat-43ce

vulnerability	VCID-e58n-x5ra-6ybq

vulnerability	VCID-rh8q-s45v-xbhg

vulnerability	VCID-xtny-ychb-fff1

resource_url http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.9.2

References

reference_url	http://osdir.com/ml/ruby-talk/2010-07/msg00095.html
reference_id
reference_type
scores
url	http://osdir.com/ml/ruby-talk/2010-07/msg00095.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2489

reference_id

reference_type

scores

value	0.0013
scoring_system	epss
scoring_elements	0.32467
published_at	2026-04-21T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32473
published_at	2026-04-01T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32617
published_at	2026-04-02T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32652
published_at	2026-04-04T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32475
published_at	2026-04-07T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32522
published_at	2026-04-16T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32549
published_at	2026-04-09T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32553
published_at	2026-04-11T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32515
published_at	2026-04-12T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32488
published_at	2026-04-13T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.325
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2489

reference_url	http://secunia.com/advisories/40442
reference_id
reference_type
scores
url	http://secunia.com/advisories/40442

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/60135
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/60135

reference_url	http://svn.ruby-lang.org/repos/ruby/tags/v1_9_1_429/ChangeLog
reference_id
reference_type
scores
url	http://svn.ruby-lang.org/repos/ruby/tags/v1_9_1_429/ChangeLog

reference_url	http://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_rc1/ChangeLog
reference_id
reference_type
scores
url	http://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_rc1/ChangeLog

reference_url	https://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released

reference_url	http://www.openwall.com/lists/oss-security/2010/07/02/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/07/02/1

reference_url	http://www.openwall.com/lists/oss-security/2010/07/02/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/07/02/10

reference_url	http://www.osvdb.org/66040
reference_id
reference_type
scores
url	http://www.osvdb.org/66040

reference_url	http://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released/

reference_url	http://www.securityfocus.com/bid/41321
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/41321

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.0-0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-1:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.0-1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-2:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.0-2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2489

reference_id

CVE-2010-2489

reference_type

scores

value	7.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2489

Weaknesses

cwe_id	119
name	Improper Restriction of Operations within the Bounds of a Memory Buffer
description	The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Exploits

Severity_range_score 7.2 - 7.2

Exploitability 0.5

Weighted_severity 6.5

Risk_score 3.2

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e58n-x5ra-6ybq

Vulnerability Instance