Package Instance

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2023-34246.yml

reference_url

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2023-34246.yml

reference_url

https://lists.debian.org/debian-lts-announce/2024/12/msg00010.html

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/12/msg00010.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-34246

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-34246

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038950
reference_id	1038950
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038950

reference_url

https://github.com/doorkeeper-gem/doorkeeper/issues/1589

reference_id

1589

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-03T23:12:01Z/

url

https://github.com/doorkeeper-gem/doorkeeper/issues/1589

reference_url

https://github.com/doorkeeper-gem/doorkeeper/pull/1646

reference_id

1646

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-03T23:12:01Z/

url

https://github.com/doorkeeper-gem/doorkeeper/pull/1646

reference_url

https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-7w2c-w47h-789w

reference_id

GHSA-7w2c-w47h-789w

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-03T23:12:01Z/

url

https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-7w2c-w47h-789w

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00016.html

reference_id

msg00016.html

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-03T23:12:01Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00016.html

reference_url

https://www.rfc-editor.org/rfc/rfc8252#section-8.6

reference_id

rfc8252#section-8.6

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-03T23:12:01Z/

url

https://www.rfc-editor.org/rfc/rfc8252#section-8.6

reference_url	https://usn.ubuntu.com/6210-1/
reference_id	USN-6210-1
reference_type
scores
url	https://usn.ubuntu.com/6210-1/

reference_url

https://github.com/doorkeeper-gem/doorkeeper/releases/tag/v5.6.6

reference_id

v5.6.6

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-03T23:12:01Z/

url

https://github.com/doorkeeper-gem/doorkeeper/releases/tag/v5.6.6

fixed_packages

url	pkg:gem/doorkeeper@5.6.6
purl	pkg:gem/doorkeeper@5.6.6
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@5.6.6

aliases CVE-2023-34246, GHSA-7w2c-w47h-789w

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hfe-zz1b-pbcz

url VCID-73js-ake8-6bh5

vulnerability_id VCID-73js-ake8-6bh5

summary Doorkeeper vulnerable to Cross-site Request Forgery

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8144

reference_id

reference_type

scores

value	0.00126
scoring_system	epss
scoring_elements	0.31439
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8144

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/99342

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/99342

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md

reference_url	https://groups.google.com/forum/#!topic/ruby-security-ann/5_VqJtNc8jw
reference_id
reference_type
scores
url	https://groups.google.com/forum/#!topic/ruby-security-ann/5_VqJtNc8jw

reference_url

reference_id

CVE-2014-8144

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

GHSA-685w-vc84-wxcx

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000211

fixed_packages

url pkg:gem/doorkeeper@2.0.0

purl pkg:gem/doorkeeper@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-73js-ake8-6bh5

vulnerability	VCID-8we8-5rwq-mkew

vulnerability	VCID-eszr-kaxs-uub2

vulnerability	VCID-kwt1-5aw9-a7eu

vulnerability	VCID-ky7t-t1vu-tyhe

vulnerability	VCID-nk9e-4h39-hbh2

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@2.0.0

aliases CVE-2014-8144, GHSA-685w-vc84-wxcx, OSV-116010

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73js-ake8-6bh5

url VCID-8we8-5rwq-mkew

vulnerability_id VCID-8we8-5rwq-mkew

summary Doorkeeper subject to Incorrect Permission Assignment

references

reference_url

reference_id

reference_type

scores

value	0.00265
scoring_system	epss
scoring_elements	0.50302
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000211

reference_url

https://blog.justinbull.ca/cve-2018-1000211-public-apps-cant-revoke-tokens-in-doorkeeper/

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements

url

https://blog.justinbull.ca/cve-2018-1000211-public-apps-cant-revoke-tokens-in-doorkeeper/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000211

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/issues/891

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/issues/891

reference_url

https://github.com/doorkeeper-gem/doorkeeper/pull/1119

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/pull/1119

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903980
reference_id	903980
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903980

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000211

reference_id

CVE-2018-1000211

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000211

reference_url

https://github.com/advisories/GHSA-694m-jhr9-pf77

reference_id

GHSA-694m-jhr9-pf77

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-694m-jhr9-pf77

fixed_packages

url pkg:gem/doorkeeper@4.2.5

purl pkg:gem/doorkeeper@4.2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-kwt1-5aw9-a7eu

vulnerability	VCID-nk9e-4h39-hbh2

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@4.2.5

url pkg:gem/doorkeeper@4.4.0

purl pkg:gem/doorkeeper@4.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-kwt1-5aw9-a7eu

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@4.4.0

aliases CVE-2018-1000211, GHSA-694m-jhr9-pf77

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8we8-5rwq-mkew

url VCID-eszr-kaxs-uub2

vulnerability_id VCID-eszr-kaxs-uub2

summary

Sensitive information in production logs
The program stores sensitive information in production logs. This may allow a local attacker to gain access to sensitive information.

references

reference_url	https://github.com/apsoto/doorkeeper/commit/ff434bb8fc49e132bff4d0f974ee0c1a8a69c143
reference_id
reference_type
scores
url	https://github.com/apsoto/doorkeeper/commit/ff434bb8fc49e132bff4d0f974ee0c1a8a69c143

reference_url	https://github.com/doorkeeper-gem/doorkeeper/commit/d6bca5f32b741b8cee83a4aeb818338b919181fe
reference_id
reference_type
scores
url	https://github.com/doorkeeper-gem/doorkeeper/commit/d6bca5f32b741b8cee83a4aeb818338b919181fe

reference_url	https://github.com/doorkeeper-gem/doorkeeper/issues/576
reference_id
reference_type
scores
url	https://github.com/doorkeeper-gem/doorkeeper/issues/576

reference_url	http://www.osvdb.com/show/osvdb/118830
reference_id
reference_type
scores
url	http://www.osvdb.com/show/osvdb/118830

fixed_packages

url pkg:gem/doorkeeper@1.4.2

purl pkg:gem/doorkeeper@1.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-8we8-5rwq-mkew

vulnerability	VCID-kwt1-5aw9-a7eu

vulnerability	VCID-ky7t-t1vu-tyhe

vulnerability	VCID-nk9e-4h39-hbh2

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@1.4.2

url pkg:gem/doorkeeper@2.1.2

purl pkg:gem/doorkeeper@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-8we8-5rwq-mkew

vulnerability	VCID-kwt1-5aw9-a7eu

vulnerability	VCID-ky7t-t1vu-tyhe

vulnerability	VCID-nk9e-4h39-hbh2

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@2.1.2

aliases OSVDB-118830

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eszr-kaxs-uub2

url VCID-kwt1-5aw9-a7eu

vulnerability_id VCID-kwt1-5aw9-a7eu

summary Exposure of Sensitive Information to an Unauthorized Actor in Doorkeeper

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10187

reference_id

reference_type

scores

value	0.00425
scoring_system	epss
scoring_elements	0.62662
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10187

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10187
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10187

reference_url

https://github.com/doorkeeper-gem/doorkeeper/commit/25d038022c2fcad45af5b73f9d003cf38ff491f6

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/commit/25d038022c2fcad45af5b73f9d003cf38ff491f6

reference_url

https://github.com/doorkeeper-gem/doorkeeper/releases

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/releases

reference_url

https://github.com/rubysec/ruby-advisory-db/pull/446

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/pull/446

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959903
reference_id	959903
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959903

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10187

reference_id

CVE-2020-10187

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10187

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2020-10187.yml

reference_id

CVE-2020-10187.YML

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2020-10187.yml

reference_url

https://github.com/advisories/GHSA-j7vx-8mqj-cqp9

reference_id

GHSA-j7vx-8mqj-cqp9

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-j7vx-8mqj-cqp9

reference_url

https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-j7vx-8mqj-cqp9

reference_id

GHSA-j7vx-8mqj-cqp9

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-j7vx-8mqj-cqp9

fixed_packages

url pkg:gem/doorkeeper@5.0.3

purl pkg:gem/doorkeeper@5.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@5.0.3

url pkg:gem/doorkeeper@5.1.0.rc1

purl pkg:gem/doorkeeper@5.1.0.rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-kwt1-5aw9-a7eu

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@5.1.0.rc1

url pkg:gem/doorkeeper@5.1.1

purl pkg:gem/doorkeeper@5.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@5.1.1

url pkg:gem/doorkeeper@5.2.0.rc1

purl pkg:gem/doorkeeper@5.2.0.rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-kwt1-5aw9-a7eu

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@5.2.0.rc1

url pkg:gem/doorkeeper@5.2.5

purl pkg:gem/doorkeeper@5.2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@5.2.5

url pkg:gem/doorkeeper@5.3.2

purl pkg:gem/doorkeeper@5.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@5.3.2

url pkg:gem/doorkeeper@5.4.0.rc1

purl pkg:gem/doorkeeper@5.4.0.rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-kwt1-5aw9-a7eu

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@5.4.0.rc1

aliases CVE-2020-10187, GHSA-j7vx-8mqj-cqp9

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kwt1-5aw9-a7eu

url VCID-ky7t-t1vu-tyhe

vulnerability_id VCID-ky7t-t1vu-tyhe

summary Doorkeeper is vulnerable to replay attacks

references

reference_url

http://packetstormsecurity.com/files/138430/Doorkeeper-4.1.0-Token-Revocation.html

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/138430/Doorkeeper-4.1.0-Token-Revocation.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6582

reference_id

reference_type

scores

value	0.00988
scoring_system	epss
scoring_elements	0.77278
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6582

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6582
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6582

reference_url

http://seclists.org/fulldisclosure/2016/Aug/105

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2016/Aug/105

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/issues/875

reference_url	https://github.com/doorkeeper-gem/doorkeeper/commit/fb938051777a3c9cb071e96fc66458f8f615bd53
reference_id
reference_type
scores
url	https://github.com/doorkeeper-gem/doorkeeper/commit/fb938051777a3c9cb071e96fc66458f8f615bd53

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/issues/875

reference_url

https://github.com/doorkeeper-gem/doorkeeper/releases/tag/v4.2.0

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/releases/tag/v4.2.0

reference_url

https://web.archive.org/web/20170214021758/http://www.securityfocus.com/bid/92551

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170214021758/http://www.securityfocus.com/bid/92551

reference_url

https://web.archive.org/web/20201207202519/http://www.securityfocus.com/archive/1/539268/100/0/threaded

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201207202519/http://www.securityfocus.com/archive/1/539268/100/0/threaded

reference_url

http://www.openwall.com/lists/oss-security/2016/08/19/2

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2016/08/19/2

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834843
reference_id	834843
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834843

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-6582

reference_id

CVE-2016-6582

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-6582

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2016-6582.yml

reference_id

CVE-2016-6582.YML

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2016-6582.yml

reference_url

https://github.com/advisories/GHSA-3m6r-39p3-jq25

reference_id

GHSA-3m6r-39p3-jq25

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-3m6r-39p3-jq25

reference_url	https://usn.ubuntu.com/7394-1/
reference_id	USN-7394-1
reference_type
scores
url	https://usn.ubuntu.com/7394-1/

fixed_packages

url pkg:gem/doorkeeper@4.2.0

purl pkg:gem/doorkeeper@4.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-8we8-5rwq-mkew

vulnerability	VCID-kwt1-5aw9-a7eu

vulnerability	VCID-nk9e-4h39-hbh2

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@4.2.0

aliases CVE-2016-6582, GHSA-3m6r-39p3-jq25

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ky7t-t1vu-tyhe

url VCID-nk9e-4h39-hbh2

vulnerability_id VCID-nk9e-4h39-hbh2

summary Doorkeeper is vulnerable to stored XSS and code execution

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000088

reference_id

reference_type

scores

value	0.00174
scoring_system	epss
scoring_elements	0.38592
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000088

reference_url

https://blog.justinbull.ca/cve-2018-1000088-stored-xss-in-doorkeeper

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://blog.justinbull.ca/cve-2018-1000088-stored-xss-in-doorkeeper

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000088

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/commit/7b1a8373ecd69768c896000c7971dbf48948c1b5

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/commit/7b1a8373ecd69768c896000c7971dbf48948c1b5

reference_url

https://github.com/doorkeeper-gem/doorkeeper/issues/969

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/issues/969

reference_url

https://github.com/doorkeeper-gem/doorkeeper/pull/970

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/pull/970

reference_url

https://github.com/doorkeeper-gem/doorkeeper/releases/tag/v4.3.0

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/releases/tag/v4.3.0

reference_url

https://github.com/rubysec/ruby-advisory-db/pull/328/files

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/pull/328/files

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891069
reference_id	891069
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891069

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000088

reference_id

CVE-2018-1000088

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000088

reference_url

https://blog.justinbull.ca/cve-2018-1000088-stored-xss-in-doorkeeper/

reference_id

CVE-2018-1000088-STORED-XSS-IN-DOORKEEPER

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements

url

https://blog.justinbull.ca/cve-2018-1000088-stored-xss-in-doorkeeper/

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2018-1000088.yml

reference_id

CVE-2018-1000088.YML

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/doorkeeper/CVE-2018-1000088.yml

reference_url

https://github.com/advisories/GHSA-hwhh-2fwm-cfgw

reference_id

GHSA-hwhh-2fwm-cfgw

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hwhh-2fwm-cfgw

reference_url	https://usn.ubuntu.com/7394-1/
reference_id	USN-7394-1
reference_type
scores
url	https://usn.ubuntu.com/7394-1/

fixed_packages

url pkg:gem/doorkeeper@4.2.6

purl pkg:gem/doorkeeper@4.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4hfe-zz1b-pbcz

vulnerability	VCID-kwt1-5aw9-a7eu

vulnerability	VCID-nk9e-4h39-hbh2

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/doorkeeper@4.2.6

aliases CVE-2018-1000088, GHSA-hwhh-2fwm-cfgw

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nk9e-4h39-hbh2

Fixing_vulnerabilities

url VCID-73js-ake8-6bh5

vulnerability_id VCID-73js-ake8-6bh5

summary Doorkeeper vulnerable to Cross-site Request Forgery

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8144

reference_id

reference_type

scores

value	0.00126
scoring_system	epss
scoring_elements	0.31439
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8144

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/99342

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/99342

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md

reference_url	https://groups.google.com/forum/#!topic/ruby-security-ann/5_VqJtNc8jw
reference_id
reference_type
scores
url	https://groups.google.com/forum/#!topic/ruby-security-ann/5_VqJtNc8jw

reference_url

reference_id

CVE-2014-8144

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

GHSA-685w-vc84-wxcx

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url