{"url":"http://public2.vulnerablecode.io/api/packages/102536?format=json","purl":"pkg:deb/debian/ruby-doorkeeper-openid-connect@1.9.0-1?distro=trixie","type":"deb","namespace":"debian","name":"ruby-doorkeeper-openid-connect","version":"1.9.0-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203372?format=json","vulnerability_id":"VCID-ahan-wj17-eyg5","summary":"Doorkeeper-openid_connect contains Open Redirect","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9837","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58443","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9837"},{"reference_url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect"},{"reference_url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/master/CHANGELOG.md","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/master/CHANGELOG.md"},{"reference_url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/master/CHANGELOG.md#v154-2019-02-15","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/master/CHANGELOG.md#v154-2019-02-15"},{"reference_url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/61","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/61"},{"reference_url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/66","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/66"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924747","reference_id":"924747","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924747"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9837","reference_id":"CVE-2019-9837","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9837"},{"reference_url":"https://github.com/advisories/GHSA-vv4c-g6q7-p3q7","reference_id":"GHSA-vv4c-g6q7-p3q7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vv4c-g6q7-p3q7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102534?format=json","purl":"pkg:deb/debian/ruby-doorkeeper-openid-connect@1.5.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-doorkeeper-openid-connect@1.5.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102535?format=json","purl":"pkg:deb/debian/ruby-doorkeeper-openid-connect@1.7.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-doorkeeper-openid-connect@1.7.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102533?format=json","purl":"pkg:deb/debian/ruby-doorkeeper-openid-connect@1.8.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-doorkeeper-openid-connect@1.8.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102537?format=json","purl":"pkg:deb/debian/ruby-doorkeeper-openid-connect@1.8.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-doorkeeper-openid-connect@1.8.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102536?format=json","purl":"pkg:deb/debian/ruby-doorkeeper-openid-connect@1.9.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-doorkeeper-openid-connect@1.9.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9837","GHSA-vv4c-g6q7-p3q7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ahan-wj17-eyg5"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-doorkeeper-openid-connect@1.9.0-1%3Fdistro=trixie"}