{"url":"http://public2.vulnerablecode.io/api/packages/130665?format=json","purl":"pkg:ruby/ruby@1.9.2","type":"ruby","namespace":"","name":"ruby","version":"1.9.2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88160?format=json","vulnerability_id":"VCID-cvs2-zecm-z3h8","summary":"ruby: DL:: dlopen could open a library with tainted library name","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796344","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796344"},{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796551","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796551"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0583","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0583"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7551.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7551.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7551","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37255","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37555","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37165","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37137","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37214","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37233","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37737","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37762","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.3764","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.3769","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37704","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37717","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37682","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37654","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37702","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37684","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37622","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37385","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37365","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37276","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37158","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37225","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37245","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7551"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ruby/ruby/commit/339e11a7f178312d937b7c95dd3115ce7236597a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ruby/ruby/commit/339e11a7f178312d937b7c95dd3115ce7236597a"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7551","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.4","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7551"},{"reference_url":"https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7551.html","reference_id":"","reference_type":"","scores":[],"url":"https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7551.html"},{"reference_url":"https://puppet.com/security/cve/ruby-dec-2015-security-fixes","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/ruby-dec-2015-security-fixes"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.securityfocus.com/bid/76060","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/76060"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1248935","reference_id":"1248935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1248935"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/3365-1/","reference_id":"USN-3365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3365-1/"}],"fixed_packages":[],"aliases":["CVE-2015-7551","GHSA-m9xr-x5mq-4fp5"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cvs2-zecm-z3h8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88159?format=json","vulnerability_id":"VCID-dh8q-zyat-43ce","summary":"ruby: DL:: dlopen could open a library with tainted library name","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0583","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0583"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-5147.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-5147.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-5147","reference_id":"","reference_type":"","scores":[{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98133","published_at":"2026-05-16T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98091","published_at":"2026-04-01T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98123","published_at":"2026-05-07T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98126","published_at":"2026-05-09T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98127","published_at":"2026-05-12T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98132","published_at":"2026-05-14T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98135","published_at":"2026-05-15T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98095","published_at":"2026-04-02T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98098","published_at":"2026-04-04T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98099","published_at":"2026-04-07T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98103","published_at":"2026-04-09T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98108","published_at":"2026-04-11T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98109","published_at":"2026-04-12T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.9811","published_at":"2026-04-13T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98115","published_at":"2026-04-26T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98117","published_at":"2026-04-29T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98113","published_at":"2026-04-24T12:55:00Z"},{"value":"0.56223","scoring_system":"epss","scoring_elements":"0.98124","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-5147"},{"reference_url":"http://seclists.org/oss-sec/2015/q3/222","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/oss-sec/2015/q3/222"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ruby/ruby/commit/4600cf725a86ce31266153647ae5aa1197b1215b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ruby/ruby/commit/4600cf725a86ce31266153647ae5aa1197b1215b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-5147","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-5147"},{"reference_url":"https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/"},{"reference_url":"http://www.securityfocus.com/bid/76060","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/76060"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1248935","reference_id":"1248935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1248935"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p353:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p353:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p353:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p594:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p594:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p594:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p598:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p598:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p598:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p643:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p643:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p643:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p645:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p645:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p645:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p647:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.0.0:p647:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.0.0:p647:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:2.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:2.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7305","reference_id":"RHSA-2026:7305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7307","reference_id":"RHSA-2026:7307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8838","reference_id":"RHSA-2026:8838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8838"},{"reference_url":"https://usn.ubuntu.com/3365-1/","reference_id":"USN-3365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3365-1/"}],"fixed_packages":[],"aliases":["CVE-2009-5147","GHSA-mmq8-m72q-qgm4"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dh8q-zyat-43ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90858?format=json","vulnerability_id":"VCID-e58n-x5ra-6ybq","summary":"Ruby on Windows ARGF.inplace_mode Variable Local Overflow\nBuffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might\nallow local users to gain privileges via a crafted ARGF.inplace_mode\nvalue that is not properly handled when constructing the filenames\nof the backup files.","references":[{"reference_url":"http://osdir.com/ml/ruby-talk/2010-07/msg00095.html","reference_id":"","reference_type":"","scores":[],"url":"http://osdir.com/ml/ruby-talk/2010-07/msg00095.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2489","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3205","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32473","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32617","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32652","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32522","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32549","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32553","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32515","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32488","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.325","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32467","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32302","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32186","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32101","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31961","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32026","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32036","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3194","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31963","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32031","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32052","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2489"},{"reference_url":"http://secunia.com/advisories/40442","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40442"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60135","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60135"},{"reference_url":"http://svn.ruby-lang.org/repos/ruby/tags/v1_9_1_429/ChangeLog","reference_id":"","reference_type":"","scores":[],"url":"http://svn.ruby-lang.org/repos/ruby/tags/v1_9_1_429/ChangeLog"},{"reference_url":"http://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_rc1/ChangeLog","reference_id":"","reference_type":"","scores":[],"url":"http://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_rc1/ChangeLog"},{"reference_url":"https://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/07/02/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/07/02/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/07/02/10","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/07/02/10"},{"reference_url":"http://www.osvdb.org/66040","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/66040"},{"reference_url":"http://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released/"},{"reference_url":"http://www.securityfocus.com/bid/41321","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/41321"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0-0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0-1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0-2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2489","reference_id":"CVE-2010-2489","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2489"}],"fixed_packages":[],"aliases":["CVE-2010-2489","GHSA-pj28-mx3m-9668","OSV-66040"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e58n-x5ra-6ybq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62211?format=json","vulnerability_id":"VCID-rh8q-s45v-xbhg","summary":"Multiple vulnerabilities have been found in Ruby, allowing\n    context-dependent attackers to cause a Denial of Service condition.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2012/May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054422.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054422.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054436.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054436.html"},{"reference_url":"http://osvdb.org/70958","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/70958"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1004.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1004.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1004","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13603","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13495","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13595","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13656","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13455","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13536","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13586","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13558","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1352","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13474","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13385","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13383","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13456","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13461","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13432","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13327","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13229","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13469","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13462","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13493","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13578","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13591","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1004"},{"reference_url":"http://secunia.com/advisories/43434","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43434"},{"reference_url":"http://secunia.com/advisories/43573","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43573"},{"reference_url":"http://support.apple.com/kb/HT5281","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5281"},{"reference_url":"https://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:097","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:097"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/02/21/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2011/02/21/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/02/21/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2011/02/21/5"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0909.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0909.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0910.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0910.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/"},{"reference_url":"http://www.securityfocus.com/bid/46460","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/46460"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0539","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0539"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=678913","reference_id":"678913","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=678913"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.8:dev:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.8:dev:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.8:dev:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:dev:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.3:dev:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.3:dev:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1004","reference_id":"CVE-2011-1004","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1004"},{"reference_url":"https://security.gentoo.org/glsa/201412-27","reference_id":"GLSA-201412-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0909","reference_id":"RHSA-2011:0909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0910","reference_id":"RHSA-2011:0910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0910"},{"reference_url":"https://usn.ubuntu.com/1377-1/","reference_id":"USN-1377-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1377-1/"}],"fixed_packages":[],"aliases":["CVE-2011-1004","GHSA-45wv-gc6w-fq7m","OSV-70958"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rh8q-s45v-xbhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88232?format=json","vulnerability_id":"VCID-xtny-ychb-fff1","summary":"ruby: Incorrect checks for validity of X.509 certificates","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528"},{"reference_url":"http://redmine.ruby-lang.org/issues/show/1091","reference_id":"","reference_type":"","scores":[],"url":"http://redmine.ruby-lang.org/issues/show/1091"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0642","reference_id":"","reference_type":"","scores":[{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76873","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76618","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76621","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7665","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76632","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76664","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76676","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76702","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76682","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76674","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76716","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76711","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76742","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76749","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7676","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76748","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76779","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76797","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76785","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76801","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76849","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76864","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0642"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528"},{"reference_url":"http://secunia.com/advisories/33750","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33750"},{"reference_url":"http://secunia.com/advisories/35699","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35699"},{"reference_url":"http://secunia.com/advisories/35937","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35937"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48761","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48761"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:193","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:193"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html"},{"reference_url":"http://www.securityfocus.com/bid/33769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/33769"},{"reference_url":"http://www.securitytracker.com/id?1022505","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1022505"},{"reference_url":"http://www.ubuntu.com/usn/USN-805-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-805-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=486183","reference_id":"486183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=486183"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0642","reference_id":"CVE-2009-0642","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1140","reference_id":"RHSA-2009:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1140"},{"reference_url":"https://usn.ubuntu.com/805-1/","reference_id":"USN-805-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/805-1/"}],"fixed_packages":[],"aliases":["CVE-2009-0642","GHSA-4gvm-4mw2-9fpv"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xtny-ychb-fff1"}],"fixing_vulnerabilities":[],"risk_score":"3.8","resource_url":"http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.9.2"}