VulnerableCode Package Details - pkg:ruby/ruby@1.9.4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:ruby/ruby@1.9.4

Essentials
History (8)

purl	pkg:ruby/ruby@1.9.4

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	3.1

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-1bdw-9rs5-6ycg Aliases: CVE-2013-4164 GHSA-j98q-m2w8-57rc OSV-100113	several	There are no reported fixed by versions.
VCID-5xez-skrj-b3h4 Aliases: CVE-2013-1821 GHSA-hgg7-cghq-xhf4 OSV-90587	Entity expansion DoS vulnerability in REXML `lib/rexml/text.rb` in the REXML parser allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.	There are no reported fixed by versions.
VCID-bjts-v9q2-9yg8 Aliases: CVE-2013-4073 GHSA-3gpq-xx45-4rr9 OSV-94628	several	There are no reported fixed by versions.
VCID-g7ju-q41v-wyhd Aliases: CVE-2014-8090 GHSA-2x97-vvh4-m4q4 OSV-114641	security update	There are no reported fixed by versions.
VCID-ggcn-qfts-rbeu Aliases: CVE-2013-2065 GHSA-wh77-3w5g-7q6x OSV-93414	Ruby: Object taint bypassing in DL and Fiddle	There are no reported fixed by versions.
VCID-hunm-dpcd-r3ff Aliases: CVE-2012-4522 GHSA-6mch-f8jc-rpmr OSV-87917	ruby: unintentional file creation caused by inserting an illegal NUL character	There are no reported fixed by versions.
VCID-jj3a-fpsa-a7at Aliases: CVE-2012-5371 GHSA-phrv-cj28-9h57 OSV-87863	Multiple vulnerabilities have been found in Ruby, allowing context-dependent attackers to cause a Denial of Service condition.	There are no reported fixed by versions.
VCID-wzdf-d9fv-u3hh Aliases: CVE-2014-8080 GHSA-ggvr-v7qh-jwjh OSV-113747	security update	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T15:18:13.507045+00:00	Ruby Importer	Affected by	VCID-5xez-skrj-b3h4	https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2013-1821.yml	38.0.0
2026-04-01T15:18:13.270635+00:00	Ruby Importer	Affected by	VCID-1bdw-9rs5-6ycg	https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2013-4164.yml	38.0.0
2026-04-01T15:18:13.040607+00:00	Ruby Importer	Affected by	VCID-ggcn-qfts-rbeu	https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2013-2065.yml	38.0.0
2026-04-01T15:18:12.803751+00:00	Ruby Importer	Affected by	VCID-bjts-v9q2-9yg8	https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2013-4073.yml	38.0.0
2026-04-01T15:18:12.262056+00:00	Ruby Importer	Affected by	VCID-jj3a-fpsa-a7at	https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2012-5371.yml	38.0.0
2026-04-01T15:18:11.918699+00:00	Ruby Importer	Affected by	VCID-g7ju-q41v-wyhd	https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2014-8090.yml	38.0.0
2026-04-01T15:18:11.667072+00:00	Ruby Importer	Affected by	VCID-hunm-dpcd-r3ff	https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2012-4522.yml	38.0.0
2026-04-01T15:18:10.981895+00:00	Ruby Importer	Affected by	VCID-wzdf-d9fv-u3hh	https://github.com/rubysec/ruby-advisory-db/blob/master/rubies/ruby/CVE-2014-8080.yml	38.0.0