{"url":"http://public2.vulnerablecode.io/api/packages/130657?format=json","purl":"pkg:ruby/ruby@1.8.7","type":"ruby","namespace":"","name":"ruby","version":"1.8.7","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40990?format=json","vulnerability_id":"VCID-4yvc-uzev-wua4","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3655","reference_id":"","reference_type":"","scores":[{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96682","published_at":"2026-05-15T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96594","published_at":"2026-04-01T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96603","published_at":"2026-04-02T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96608","published_at":"2026-04-04T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96611","published_at":"2026-04-07T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96619","published_at":"2026-04-08T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96621","published_at":"2026-04-09T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96624","published_at":"2026-04-12T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96627","published_at":"2026-04-13T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96633","published_at":"2026-04-16T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96638","published_at":"2026-04-18T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96642","published_at":"2026-04-26T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96641","published_at":"2026-04-24T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96644","published_at":"2026-04-29T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96653","published_at":"2026-05-05T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96656","published_at":"2026-05-07T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96662","published_at":"2026-05-09T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96666","published_at":"2026-05-11T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.9667","published_at":"2026-05-12T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96679","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3655"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/31697","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31697"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32255","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32255"},{"reference_url":"http://secunia.com/advisories/32256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32256"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/32372","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32372"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44369","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44369"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264"},{"reference_url":"http://www.debian.org/security/2008/dsa-1651","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1651"},{"reference_url":"http://www.debian.org/security/2008/dsa-1652","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1652"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0895.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0895.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30644","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30644"},{"reference_url":"http://www.securitytracker.com/id?1020656","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020656"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458948","reference_id":"458948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458948"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3655","reference_id":"CVE-2008-3655","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3655"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb","reference_id":"CVE-2008-3655;OSVDB-47470","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb","reference_id":"CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0895","reference_id":"RHSA-2008:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0896","reference_id":"RHSA-2008:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[],"aliases":["CVE-2008-3655","GHSA-p524-ppf2-w36w"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvc-uzev-wua4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40987?format=json","vulnerability_id":"VCID-5bte-uex2-f7du","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2664","reference_id":"","reference_type":"","scores":[{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.91024","published_at":"2026-05-15T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90872","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90877","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90887","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90897","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90908","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90915","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90924","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90922","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90947","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90945","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90946","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90958","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90956","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90954","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90971","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90987","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.91001","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90999","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.91008","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.91018","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2664"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43348","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43348"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=450834","reference_id":"450834","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=450834"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2664","reference_id":"CVE-2008-2664","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2664"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[],"aliases":["CVE-2008-2664","GHSA-c4h6-p7gp-39x2","OSV-46552"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bte-uex2-f7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31420?format=json","vulnerability_id":"VCID-8fbf-8fea-27d9","summary":"Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n    spoofing of DNS replies.","references":[{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc"},{"reference_url":"http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html","reference_id":"","reference_type":"","scores":[],"url":"http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"},{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"},{"reference_url":"http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=121630706004256&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=121630706004256&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=121866517322103&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=121866517322103&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=123324863916385&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=123324863916385&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141879471518471&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141879471518471&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2008-0533.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2008-0533.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1447","reference_id":"","reference_type":"","scores":[{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99432","published_at":"2026-05-15T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99431","published_at":"2026-05-12T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99417","published_at":"2026-04-01T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99416","published_at":"2026-04-02T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99418","published_at":"2026-04-07T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99419","published_at":"2026-04-08T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.9942","published_at":"2026-04-09T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99422","published_at":"2026-04-11T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99423","published_at":"2026-04-13T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99425","published_at":"2026-04-21T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99427","published_at":"2026-04-29T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99428","published_at":"2026-05-07T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99429","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447"},{"reference_url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037","reference_id":"","reference_type":"","scores":[],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"},{"reference_url":"http://secunia.com/advisories/30925","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30925"},{"reference_url":"http://secunia.com/advisories/30973","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30973"},{"reference_url":"http://secunia.com/advisories/30977","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30977"},{"reference_url":"http://secunia.com/advisories/30979","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30979"},{"reference_url":"http://secunia.com/advisories/30980","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30980"},{"reference_url":"http://secunia.com/advisories/30988","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30988"},{"reference_url":"http://secunia.com/advisories/30989","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30989"},{"reference_url":"http://secunia.com/advisories/30998","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30998"},{"reference_url":"http://secunia.com/advisories/31011","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31011"},{"reference_url":"http://secunia.com/advisories/31012","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31012"},{"reference_url":"http://secunia.com/advisories/31014","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31014"},{"reference_url":"http://secunia.com/advisories/31019","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31019"},{"reference_url":"http://secunia.com/advisories/31022","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31022"},{"reference_url":"http://secunia.com/advisories/31030","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31030"},{"reference_url":"http://secunia.com/advisories/31031","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31031"},{"reference_url":"http://secunia.com/advisories/31033","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31033"},{"reference_url":"http://secunia.com/advisories/31052","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31052"},{"reference_url":"http://secunia.com/advisories/31065","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31065"},{"reference_url":"http://secunia.com/advisories/31072","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31072"},{"reference_url":"http://secunia.com/advisories/31093","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31093"},{"reference_url":"http://secunia.com/advisories/31094","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31094"},{"reference_url":"http://secunia.com/advisories/31137","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31137"},{"reference_url":"http://secunia.com/advisories/31143","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31143"},{"reference_url":"http://secunia.com/advisories/31151","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31151"},{"reference_url":"http://secunia.com/advisories/31152","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31152"},{"reference_url":"http://secunia.com/advisories/31153","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31153"},{"reference_url":"http://secunia.com/advisories/31169","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31169"},{"reference_url":"http://secunia.com/advisories/31197","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31197"},{"reference_url":"http://secunia.com/advisories/31199","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31199"},{"reference_url":"http://secunia.com/advisories/31204","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31204"},{"reference_url":"http://secunia.com/advisories/31207","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31207"},{"reference_url":"http://secunia.com/advisories/31209","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31209"},{"reference_url":"http://secunia.com/advisories/31212","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31212"},{"reference_url":"http://secunia.com/advisories/31213","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31213"},{"reference_url":"http://secunia.com/advisories/31221","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31221"},{"reference_url":"http://secunia.com/advisories/31236","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31236"},{"reference_url":"http://secunia.com/advisories/31237","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31237"},{"reference_url":"http://secunia.com/advisories/31254","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31254"},{"reference_url":"http://secunia.com/advisories/31326","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31326"},{"reference_url":"http://secunia.com/advisories/31354","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31354"},{"reference_url":"http://secunia.com/advisories/31422","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31422"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/31451","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31451"},{"reference_url":"http://secunia.com/advisories/31482","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31482"},{"reference_url":"http://secunia.com/advisories/31495","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31495"},{"reference_url":"http://secunia.com/advisories/31588","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31588"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/31823","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31823"},{"reference_url":"http://secunia.com/advisories/31882","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31882"},{"reference_url":"http://secunia.com/advisories/31900","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31900"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/33714","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33714"},{"reference_url":"http://secunia.com/advisories/33786","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33786"},{"reference_url":"http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc","reference_id":"","reference_type":"","scores":[],"url":"http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200807-08.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200807-08.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-25.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-25.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43334","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43637","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"},{"reference_url":"http://support.apple.com/kb/HT3026","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3026"},{"reference_url":"http://support.apple.com/kb/HT3129","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3129"},{"reference_url":"http://support.citrix.com/article/CTX117991","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX117991"},{"reference_url":"http://support.citrix.com/article/CTX118183","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX118183"},{"reference_url":"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152","reference_id":"","reference_type":"","scores":[],"url":"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152"},{"reference_url":"https://www.exploit-db.com/exploits/6122","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6122"},{"reference_url":"https://www.exploit-db.com/exploits/6123","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6123"},{"reference_url":"https://www.exploit-db.com/exploits/6130","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6130"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://up2date.astaro.com/2008/08/up2date_7202_released.html","reference_id":"","reference_type":"","scores":[],"url":"http://up2date.astaro.com/2008/08/up2date_7202_released.html"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018"},{"reference_url":"http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning","reference_id":"","reference_type":"","scores":[],"url":"http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"},{"reference_url":"http://www.caughq.org/exploits/CAU-EX-2008-0002.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.caughq.org/exploits/CAU-EX-2008-0002.txt"},{"reference_url":"http://www.caughq.org/exploits/CAU-EX-2008-0003.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.caughq.org/exploits/CAU-EX-2008-0003.txt"},{"reference_url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml","reference_id":"","reference_type":"","scores":[],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml"},{"reference_url":"http://www.debian.org/security/2008/dsa-1603","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1603"},{"reference_url":"http://www.debian.org/security/2008/dsa-1604","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1604"},{"reference_url":"http://www.debian.org/security/2008/dsa-1605","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1605"},{"reference_url":"http://www.debian.org/security/2008/dsa-1619","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1619"},{"reference_url":"http://www.debian.org/security/2008/dsa-1623","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1623"},{"reference_url":"http://www.doxpara.com/DMK_BO2K8.ppt","reference_id":"","reference_type":"","scores":[],"url":"http://www.doxpara.com/DMK_BO2K8.ppt"},{"reference_url":"http://www.doxpara.com/?p=1176","reference_id":"","reference_type":"","scores":[],"url":"http://www.doxpara.com/?p=1176"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26667","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26667"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26668","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26668"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26669","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26669"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26670","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26670"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26671","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26671"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26672","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26672"},{"reference_url":"http://www.ipcop.org/index.php?name=News&file=article&sid=40","reference_id":"","reference_type":"","scores":[],"url":"http://www.ipcop.org/index.php?name=News&file=article&sid=40"},{"reference_url":"http://www.isc.org/index.pl?/sw/bind/bind-security.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.isc.org/index.pl?/sw/bind/bind-security.php"},{"reference_url":"http://www.kb.cert.org/vuls/id/800113","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/800113"},{"reference_url":"http://www.kb.cert.org/vuls/id/MIMG-7DWR4J","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/MIMG-7DWR4J"},{"reference_url":"http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:139","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:139"},{"reference_url":"http://www.nominum.com/asset_upload_file741_2661.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://www.nominum.com/asset_upload_file741_2661.pdf"},{"reference_url":"http://www.novell.com/support/viewContent.do?externalId=7000912","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/support/viewContent.do?externalId=7000912"},{"reference_url":"http://www.openbsd.org/errata42.html#013_bind","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/errata42.html#013_bind"},{"reference_url":"http://www.openbsd.org/errata43.html#004_bind","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/errata43.html#004_bind"},{"reference_url":"http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog","reference_id":"","reference_type":"","scores":[],"url":"http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"},{"reference_url":"http://www.phys.uu.nl/~rombouts/pdnsd.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.phys.uu.nl/~rombouts/pdnsd.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0789.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0789.html"},{"reference_url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/archive/1/495289/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495289/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/495869/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495869/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30131"},{"reference_url":"http://www.securitytracker.com/id?1020437","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020437"},{"reference_url":"http://www.securitytracker.com/id?1020438","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020438"},{"reference_url":"http://www.securitytracker.com/id?1020440","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020440"},{"reference_url":"http://www.securitytracker.com/id?1020448","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020448"},{"reference_url":"http://www.securitytracker.com/id?1020449","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020449"},{"reference_url":"http://www.securitytracker.com/id?1020548","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020548"},{"reference_url":"http://www.securitytracker.com/id?1020558","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020558"},{"reference_url":"http://www.securitytracker.com/id?1020560","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020560"},{"reference_url":"http://www.securitytracker.com/id?1020561","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020561"},{"reference_url":"http://www.securitytracker.com/id?1020575","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020575"},{"reference_url":"http://www.securitytracker.com/id?1020576","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020576"},{"reference_url":"http://www.securitytracker.com/id?1020577","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020577"},{"reference_url":"http://www.securitytracker.com/id?1020578","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020578"},{"reference_url":"http://www.securitytracker.com/id?1020579","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020579"},{"reference_url":"http://www.securitytracker.com/id?1020651","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020651"},{"reference_url":"http://www.securitytracker.com/id?1020653","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020653"},{"reference_url":"http://www.securitytracker.com/id?1020702","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020702"},{"reference_url":"http://www.securitytracker.com/id?1020802","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020802"},{"reference_url":"http://www.securitytracker.com/id?1020804","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020804"},{"reference_url":"http://www.ubuntu.com/usn/usn-622-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-622-1"},{"reference_url":"http://www.ubuntu.com/usn/usn-627-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-627-1"},{"reference_url":"http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-190A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-190A.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-190B.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-190B.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2008-0014.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/security/advisories/VMSA-2008-0014.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2019/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2019/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2023/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2023/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2025/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2025/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2029/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2029/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2030/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2030/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2050/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2050/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2051/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2051/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2052/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2052/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2055/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2055/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2092/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2092/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2113/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2113/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2114/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2114/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2123/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2123/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2139/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2139/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2166/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2166/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2195/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2195/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2196/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2196/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2197/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2197/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2268","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2268"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2291","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2291"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2342","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2342"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2377","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2377"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2383","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2383"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2384","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2384"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2466","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2466"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2467","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2467"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2482","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2482"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2525","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2525"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2549","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2549"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2558","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2558"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2582","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2582"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2584","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2584"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0297"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0311","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0311"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0622","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/0622"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=449345","reference_id":"449345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=449345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123","reference_id":"490123","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465","reference_id":"492465","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698","reference_id":"492698","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700","reference_id":"492700","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599","reference_id":"493599","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1447","reference_id":"CVE-2008-1447","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1447"},{"reference_url":"https://security.gentoo.org/glsa/200807-08","reference_id":"GLSA-200807-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-08"},{"reference_url":"https://security.gentoo.org/glsa/200809-02","reference_id":"GLSA-200809-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200809-02"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://security.gentoo.org/glsa/200901-03","reference_id":"GLSA-200901-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200901-03"},{"reference_url":"https://security.gentoo.org/glsa/201209-25","reference_id":"GLSA-201209-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-25"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0533","reference_id":"RHSA-2008:0533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0789","reference_id":"RHSA-2008:0789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0789"},{"reference_url":"https://usn.ubuntu.com/622-1/","reference_id":"USN-622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/622-1/"},{"reference_url":"https://usn.ubuntu.com/627-1/","reference_id":"USN-627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/627-1/"}],"fixed_packages":[],"aliases":["CVE-2008-1447"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbf-8fea-27d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88632?format=json","vulnerability_id":"VCID-94vg-kqhg-qfdv","summary":"net:: * modules","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5770.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5770.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5770","reference_id":"","reference_type":"","scores":[{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91886","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91894","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91902","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91908","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91921","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91926","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91929","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91944","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91941","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91938","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91943","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91937","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.9195","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91963","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91973","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.9198","published_at":"2026-05-12T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.91996","published_at":"2026-05-14T12:55:00Z"},{"value":"0.07714","scoring_system":"epss","scoring_elements":"0.92004","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5770"},{"reference_url":"http://www.cvedetails.com/cve/CVE-2007-5770/","reference_id":"","reference_type":"","scores":[],"url":"http://www.cvedetails.com/cve/CVE-2007-5770/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=362081","reference_id":"362081","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=362081"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0961","reference_id":"RHSA-2007:0961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0965","reference_id":"RHSA-2007:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0965"},{"reference_url":"https://usn.ubuntu.com/596-1/","reference_id":"USN-596-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/596-1/"}],"fixed_packages":[],"aliases":["CVE-2007-5770","GHSA-mf83-c25g-48r6"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94vg-kqhg-qfdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40988?format=json","vulnerability_id":"VCID-9gp6-pvw1-ufhs","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2725","reference_id":"","reference_type":"","scores":[{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85476","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85378","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85404","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85422","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85417","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.8543","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85468","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.8532","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85318","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85315","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85335","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85336","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85333","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85356","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85365","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85364","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86873","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86884","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86902","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86897","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86917","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2725"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43350","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43350"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=451821","reference_id":"451821","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=451821"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2725","reference_id":"CVE-2008-2725","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2725"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[],"aliases":["CVE-2008-2725","GHSA-924x-9756-qq8p","OSV-46553"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9gp6-pvw1-ufhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87786?format=json","vulnerability_id":"VCID-9ukz-9357-aqb6","summary":"Ruby WEBrick javascript injection flaw","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0541.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0541","reference_id":"","reference_type":"","scores":[{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82583","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82315","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82329","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82347","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82342","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82369","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82376","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82395","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82391","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82386","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.8242","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82421","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82425","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82447","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82457","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82461","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82481","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82501","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82522","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.8252","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82536","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01718","scoring_system":"epss","scoring_elements":"0.82577","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0541"},{"reference_url":"http://secunia.com/advisories/40220","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40220"},{"reference_url":"https://support.apple.com/en-us/HT4188","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/en-us/HT4188"},{"reference_url":"http://support.apple.com/kb/HT4188","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4188"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:097","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:097"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:098","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:098"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0908.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0908.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0909.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0909.html"},{"reference_url":"http://www.securityfocus.com/bid/40871","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40871"},{"reference_url":"http://www.securityfocus.com/bid/40895","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40895"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1481","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/1481"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=587731","reference_id":"587731","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=587731"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0541","reference_id":"CVE-2010-0541","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0908","reference_id":"RHSA-2011:0908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0909","reference_id":"RHSA-2011:0909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0909"},{"reference_url":"https://usn.ubuntu.com/1377-1/","reference_id":"USN-1377-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1377-1/"}],"fixed_packages":[],"aliases":["CVE-2010-0541","GHSA-h9r2-943c-qg8v","OSV-65556"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ukz-9357-aqb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40992?format=json","vulnerability_id":"VCID-a15m-bcma-vfa7","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3656","reference_id":"","reference_type":"","scores":[{"value":"0.65085","scoring_system":"epss","scoring_elements":"0.98499","published_at":"2026-05-15T12:55:00Z"},{"value":"0.65085","scoring_system":"epss","scoring_elements":"0.98483","published_at":"2026-04-16T12:55:00Z"},{"value":"0.65085","scoring_system":"epss","scoring_elements":"0.98484","published_at":"2026-04-21T12:55:00Z"},{"value":"0.65085","scoring_system":"epss","scoring_elements":"0.98488","published_at":"2026-04-29T12:55:00Z"},{"value":"0.65085","scoring_system":"epss","scoring_elements":"0.98493","published_at":"2026-05-11T12:55:00Z"},{"value":"0.65085","scoring_system":"epss","scoring_elements":"0.98496","published_at":"2026-05-09T12:55:00Z"},{"value":"0.65085","scoring_system":"epss","scoring_elements":"0.98495","published_at":"2026-05-12T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98611","published_at":"2026-04-01T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98626","published_at":"2026-04-13T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98625","published_at":"2026-04-12T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98613","published_at":"2026-04-02T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98616","published_at":"2026-04-04T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98618","published_at":"2026-04-07T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.9862","published_at":"2026-04-08T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98622","published_at":"2026-04-09T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98624","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3656"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/31697","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31697"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32255","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32255"},{"reference_url":"http://secunia.com/advisories/32256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32256"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44371","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44371"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3656","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3656"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264"},{"reference_url":"http://www.debian.org/security/2008/dsa-1651","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1651"},{"reference_url":"http://www.debian.org/security/2008/dsa-1652","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1652"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30644","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30644"},{"reference_url":"http://www.securitytracker.com/id?1020654","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020654"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458953","reference_id":"458953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458953"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://www.securityfocus.com/bid/30644/info","reference_id":"CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/30644/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb","reference_id":"CVE-2008-4310;OSVDB-47471;CVE-2008-3656","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[],"aliases":["CVE-2008-3656","GHSA-823x-6r7f-v9x6"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a15m-bcma-vfa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8434?format=json","vulnerability_id":"VCID-bv9s-j5yk-m3aw","summary":"WEBrick Improper Input Validation vulnerability\nWEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4492.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4492.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4492","reference_id":"","reference_type":"","scores":[{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95177","published_at":"2026-05-15T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95105","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95107","published_at":"2026-04-12T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.9511","published_at":"2026-04-13T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95118","published_at":"2026-04-16T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95121","published_at":"2026-04-18T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95123","published_at":"2026-04-24T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95124","published_at":"2026-04-26T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95125","published_at":"2026-04-29T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95136","published_at":"2026-05-05T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95142","published_at":"2026-05-07T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95152","published_at":"2026-05-09T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95157","published_at":"2026-05-11T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95163","published_at":"2026-05-12T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95174","published_at":"2026-05-14T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95076","published_at":"2026-04-01T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95086","published_at":"2026-04-02T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95087","published_at":"2026-04-04T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95089","published_at":"2026-04-07T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95096","published_at":"2026-04-08T12:55:00Z"},{"value":"0.17685","scoring_system":"epss","scoring_elements":"0.95099","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4492"},{"reference_url":"https://github.com/ruby/webrick","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ruby/webrick"},{"reference_url":"https://web.archive.org/web/20100113155532/http://www.vupen.com/english/advisories/2010/0089","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20100113155532/http://www.vupen.com/english/advisories/2010/0089"},{"reference_url":"https://web.archive.org/web/20100815010948/http://secunia.com/advisories/37949","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20100815010948/http://secunia.com/advisories/37949"},{"reference_url":"https://web.archive.org/web/20170402100552/http://securitytracker.com/id?1023429","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20170402100552/http://securitytracker.com/id?1023429"},{"reference_url":"https://web.archive.org/web/20170908140655/http://www.securityfocus.com/archive/1/508830/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20170908140655/http://www.securityfocus.com/archive/1/508830/100/0/threaded"},{"reference_url":"https://web.archive.org/web/20200228145937/http://www.securityfocus.com/bid/37710","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228145937/http://www.securityfocus.com/bid/37710"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0908.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2011-0908.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0909.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2011-0909.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection"},{"reference_url":"http://www.ush.it/team/ush/hack_httpd_escape/adv.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ush.it/team/ush/hack_httpd_escape/adv.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=554485","reference_id":"554485","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=554485"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-4492","reference_id":"CVE-2009-4492","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-4492"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33489.txt","reference_id":"CVE-2009-4492;OSVDB-61774","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33489.txt"},{"reference_url":"https://www.securityfocus.com/bid/37710/info","reference_id":"CVE-2009-4492;OSVDB-61774","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37710/info"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2009-4492.yml","reference_id":"CVE-2009-4492.YML","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2009-4492.yml"},{"reference_url":"https://github.com/advisories/GHSA-6mq2-37j5-w6r6","reference_id":"GHSA-6mq2-37j5-w6r6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6mq2-37j5-w6r6"},{"reference_url":"https://security.gentoo.org/glsa/201001-09","reference_id":"GLSA-201001-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201001-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0908","reference_id":"RHSA-2011:0908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0909","reference_id":"RHSA-2011:0909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0909"},{"reference_url":"https://usn.ubuntu.com/900-1/","reference_id":"USN-900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/900-1/"}],"fixed_packages":[],"aliases":["CVE-2009-4492","GHSA-6mq2-37j5-w6r6","OSV-61774"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv9s-j5yk-m3aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40989?format=json","vulnerability_id":"VCID-c9sy-czbr-tfer","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2726","reference_id":"","reference_type":"","scores":[{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86315","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86239","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86258","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86255","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86268","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86305","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86159","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86158","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86154","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86171","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86176","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86168","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86189","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86198","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86218","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02858","scoring_system":"epss","scoring_elements":"0.86182","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02858","scoring_system":"epss","scoring_elements":"0.86192","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02858","scoring_system":"epss","scoring_elements":"0.86206","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02858","scoring_system":"epss","scoring_elements":"0.86225","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2726"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43351","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43351"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460","reference_id":"","reference_type":"","scores":[],"url":"http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=451828","reference_id":"451828","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=451828"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2726","reference_id":"CVE-2008-2726","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2726"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[],"aliases":["CVE-2008-2726","GHSA-v2mw-g73g-923h","OSV-46554"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c9sy-czbr-tfer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88490?format=json","vulnerability_id":"VCID-ea13-mua4-1fb9","summary":"ruby: WEBrick CGI source disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1891","reference_id":"","reference_type":"","scores":[{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.5238","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52425","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52453","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52418","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52471","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52465","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52516","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.525","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52483","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52523","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52529","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52514","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52462","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52472","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52433","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52376","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52428","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52458","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56087","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56102","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1891"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1891","reference_id":"","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1891"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=443829","reference_id":"443829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=443829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"}],"fixed_packages":[],"aliases":["CVE-2008-1891","GHSA-rhf2-x48g-5wr7"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ea13-mua4-1fb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40993?format=json","vulnerability_id":"VCID-fw7k-88kf-1kgg","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3657","reference_id":"","reference_type":"","scores":[{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95905","published_at":"2026-05-15T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95804","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95813","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95821","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95832","published_at":"2026-04-08T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95836","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95839","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.9584","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95852","published_at":"2026-04-16T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95858","published_at":"2026-04-18T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.9586","published_at":"2026-04-21T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95862","published_at":"2026-04-26T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95863","published_at":"2026-04-29T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95875","published_at":"2026-05-05T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95877","published_at":"2026-05-07T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95882","published_at":"2026-05-09T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95886","published_at":"2026-05-11T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95891","published_at":"2026-05-12T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95903","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3657"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/31697","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31697"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32255","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32255"},{"reference_url":"http://secunia.com/advisories/32256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32256"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44372","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44372"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3657","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3657"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264"},{"reference_url":"http://www.debian.org/security/2008/dsa-1651","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1651"},{"reference_url":"http://www.debian.org/security/2008/dsa-1652","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1652"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30644","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30644"},{"reference_url":"http://www.securitytracker.com/id?1020652","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020652"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458966","reference_id":"458966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458966"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[],"aliases":["CVE-2008-3657","GHSA-5f6v-fgcw-j5px"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fw7k-88kf-1kgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40985?format=json","vulnerability_id":"VCID-jx79-wpg7-2yaa","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2662","reference_id":"","reference_type":"","scores":[{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86199","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.85973","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.85985","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.8602","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.8603","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86044","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86037","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86055","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.8606","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86052","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86072","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86082","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86081","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86101","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86122","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.8614","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86136","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86149","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86188","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2662"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43345","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43345"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601"},{"reference_url":"https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=450821","reference_id":"450821","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=450821"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2662","reference_id":"CVE-2008-2662","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2662"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[],"aliases":["CVE-2008-2662","GHSA-6wwf-x53r-5qqq","OSV-46550"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jx79-wpg7-2yaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40986?format=json","vulnerability_id":"VCID-mzqm-gc4w-fbfp","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2663","reference_id":"","reference_type":"","scores":[{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87331","published_at":"2026-05-15T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.8713","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.8714","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87154","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87174","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87182","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87195","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87189","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.872","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87205","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87199","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87217","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87223","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87226","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87246","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87259","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87278","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87272","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87287","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87322","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2663"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43346","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43346"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=450825","reference_id":"450825","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=450825"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2663","reference_id":"CVE-2008-2663","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2663"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[],"aliases":["CVE-2008-2663","GHSA-8rh4-h2wx-5jpx","OSV-46551"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzqm-gc4w-fbfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40984?format=json","vulnerability_id":"VCID-nsa4-b31c-37g2","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2376","reference_id":"","reference_type":"","scores":[{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93638","published_at":"2026-05-15T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93515","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93524","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93532","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.9354","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93543","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93549","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93569","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93574","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93579","published_at":"2026-04-21T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93584","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93583","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93581","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93589","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93602","published_at":"2026-05-07T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93613","published_at":"2026-05-11T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93619","published_at":"2026-05-12T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93632","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2376"},{"reference_url":"http://secunia.com/advisories/30927","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30927"},{"reference_url":"http://secunia.com/advisories/31006","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31006"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://issues.rpath.com/browse/RPL-2639","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2639"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2376","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2376"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863"},{"reference_url":"http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756","reference_id":"","reference_type":"","scores":[],"url":"http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2008-0218","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2008-0218"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/07/02/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/07/02/3"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.securityfocus.com/archive/1/494104/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/494104/100/0/threaded"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2584","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=453589","reference_id":"453589","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=453589"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[],"aliases":["CVE-2008-2376","GHSA-f7wf-fwmg-r7g3"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nsa4-b31c-37g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40996?format=json","vulnerability_id":"VCID-pegr-f5mh-ekdz","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3905","reference_id":"","reference_type":"","scores":[{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87206","published_at":"2026-05-15T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87007","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87018","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87037","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.8703","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.8705","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87057","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87065","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.8706","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87076","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.8708","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87077","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87096","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87102","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87122","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87137","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87155","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.8715","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87165","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87199","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3905"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32255","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32255"},{"reference_url":"http://secunia.com/advisories/32256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32256"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/32948","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32948"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45935","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45935"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3905","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3905"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"http://www.debian.org/security/2008/dsa-1651","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1651"},{"reference_url":"http://www.debian.org/security/2008/dsa-1652","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1652"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/09/03/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/09/03/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/09/04/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/09/04/9"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/bid/31699","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31699"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=461495","reference_id":"461495","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=461495"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0896","reference_id":"RHSA-2008:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[],"aliases":["CVE-2008-3905","GHSA-vwcj-mf69-7rfw"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pegr-f5mh-ekdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88381?format=json","vulnerability_id":"VCID-qjwb-ph9u-bubf","summary":"ruby: Memory allocation failure in Ruby regex engine (remotely exploitable DoS)","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3443.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3443.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3443","reference_id":"","reference_type":"","scores":[{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96644","published_at":"2026-05-15T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.9656","published_at":"2026-04-01T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.9657","published_at":"2026-04-02T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96575","published_at":"2026-04-04T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96578","published_at":"2026-04-07T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96586","published_at":"2026-04-08T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96588","published_at":"2026-04-09T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.9659","published_at":"2026-04-11T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96591","published_at":"2026-04-12T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96593","published_at":"2026-04-13T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.966","published_at":"2026-04-16T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96605","published_at":"2026-04-18T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96609","published_at":"2026-04-24T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.9661","published_at":"2026-04-26T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96611","published_at":"2026-04-29T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96618","published_at":"2026-05-05T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96621","published_at":"2026-05-07T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96626","published_at":"2026-05-09T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96629","published_at":"2026-05-11T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96634","published_at":"2026-05-12T12:55:00Z"},{"value":"0.29255","scoring_system":"epss","scoring_elements":"0.96642","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/32372","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32372"},{"reference_url":"http://secunia.com/advisories/33185","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33185"},{"reference_url":"http://secunia.com/advisories/33398","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33398"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://securityreason.com/securityalert/4158","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/4158"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44688","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44688"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9570","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9570"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.exploit-db.com/exploits/6239","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6239"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"http://www.debian.org/security/2009/dsa-1695","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2009/dsa-1695"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0895.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0895.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.securityfocus.com/bid/30682","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30682"},{"reference_url":"http://www.securitytracker.com/id?1021075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1021075"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=459266","reference_id":"459266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=459266"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p231:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p52:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3443","reference_id":"CVE-2008-3443","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3443"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6239.txt","reference_id":"OSVDB-47800;CVE-2008-3443","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6239.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0895","reference_id":"RHSA-2008:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0896","reference_id":"RHSA-2008:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"},{"reference_url":"https://usn.ubuntu.com/691-1/","reference_id":"USN-691-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/691-1/"}],"fixed_packages":[],"aliases":["CVE-2008-3443"],"risk_score":9.0,"exploitability":"2.0","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjwb-ph9u-bubf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88232?format=json","vulnerability_id":"VCID-xtny-ychb-fff1","summary":"ruby: Incorrect checks for validity of X.509 certificates","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528"},{"reference_url":"http://redmine.ruby-lang.org/issues/show/1091","reference_id":"","reference_type":"","scores":[],"url":"http://redmine.ruby-lang.org/issues/show/1091"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0642","reference_id":"","reference_type":"","scores":[{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76864","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76618","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76621","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7665","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76632","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76664","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76676","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76702","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76682","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76674","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76716","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76711","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76742","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76749","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7676","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76748","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76779","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76797","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76785","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76801","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76849","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0642"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528"},{"reference_url":"http://secunia.com/advisories/33750","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33750"},{"reference_url":"http://secunia.com/advisories/35699","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35699"},{"reference_url":"http://secunia.com/advisories/35937","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35937"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48761","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48761"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:193","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:193"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html"},{"reference_url":"http://www.securityfocus.com/bid/33769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/33769"},{"reference_url":"http://www.securitytracker.com/id?1022505","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1022505"},{"reference_url":"http://www.ubuntu.com/usn/USN-805-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-805-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=486183","reference_id":"486183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=486183"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0642","reference_id":"CVE-2009-0642","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1140","reference_id":"RHSA-2009:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1140"},{"reference_url":"https://usn.ubuntu.com/805-1/","reference_id":"USN-805-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/805-1/"}],"fixed_packages":[],"aliases":["CVE-2009-0642","GHSA-4gvm-4mw2-9fpv"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xtny-ychb-fff1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59535?format=json","vulnerability_id":"VCID-ynyp-ybd9-57df","summary":"A flaw in the Ruby standard library might allow remote attackers to cause a\n    Denial of Service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1904.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1904.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1904","reference_id":"","reference_type":"","scores":[{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89113","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89121","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89136","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89138","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89156","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89161","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89172","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89168","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89165","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89178","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89177","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89175","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89191","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89196","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.892","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89208","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89224","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89235","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89232","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89242","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89261","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04526","scoring_system":"epss","scoring_elements":"0.89271","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1904"},{"reference_url":"https://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=504958","reference_id":"504958","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=504958"},{"reference_url":"https://security.gentoo.org/glsa/200906-02","reference_id":"GLSA-200906-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200906-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1140","reference_id":"RHSA-2009:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1140"},{"reference_url":"https://usn.ubuntu.com/805-1/","reference_id":"USN-805-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/805-1/"},{"reference_url":"https://usn.ubuntu.com/900-1/","reference_id":"USN-900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/900-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1904","GHSA-prwc-wj59-8vwr","OSV-55031"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ynyp-ybd9-57df"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.7"}