{"url":"http://public2.vulnerablecode.io/api/packages/14504?format=json","purl":"pkg:gem/rack@2.0.0","type":"gem","namespace":"","name":"rack","version":"2.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12572?format=json","vulnerability_id":"VCID-8fp2-gkct-2fcu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44571.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44571.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44571","reference_id":"","reference_type":"","scores":[{"value":"0.03121","scoring_system":"epss","scoring_elements":"0.87135","published_at":"2026-06-11T12:55:00Z"},{"value":"0.03121","scoring_system":"epss","scoring_elements":"0.87187","published_at":"2026-06-13T12:55:00Z"},{"value":"0.03121","scoring_system":"epss","scoring_elements":"0.87181","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539"},{"reference_url":"https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://discuss.rubyonrails.org/t/cve-2022-44571-possible-denial-of-service-vulnerability-in-rack-content-disposition-parsing/82126"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/releases/tag/v3.0.4.1","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/releases/tag/v3.0.4.1"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-44571.yml","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-44571.yml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-44571","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-44571"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029832","reference_id":"1029832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164714","reference_id":"2164714","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164714"},{"reference_url":"https://github.com/advisories/GHSA-93pm-5p5f-3ghx","reference_id":"GHSA-93pm-5p5f-3ghx","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-93pm-5p5f-3ghx"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"},{"reference_url":"https://usn.ubuntu.com/5910-1/","reference_id":"USN-5910-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5910-1/"},{"reference_url":"https://usn.ubuntu.com/7036-1/","reference_id":"USN-7036-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7036-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379928?format=json","purl":"pkg:gem/rack@2.0.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-8fp2-gkct-2fcu"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-dfww-bthd-m3c5"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.0.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/379929?format=json","purl":"pkg:gem/rack@2.1.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-8fp2-gkct-2fcu"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-dfww-bthd-m3c5"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.1.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/379930?format=json","purl":"pkg:gem/rack@2.2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-8fp2-gkct-2fcu"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-au1a-twy1-sqfn"},{"vulnerability":"VCID-dfww-bthd-m3c5"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/379931?format=json","purl":"pkg:gem/rack@3.0.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@3.0.4.1"}],"aliases":["CVE-2022-44571","GHSA-93pm-5p5f-3ghx","GMS-2023-65"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fp2-gkct-2fcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12573?format=json","vulnerability_id":"VCID-dfww-bthd-m3c5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44572.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44572.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44572","reference_id":"","reference_type":"","scores":[{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.49244","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.49107","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.49262","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44572"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/releases/tag/v3.0.4.1","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/releases/tag/v3.0.4.1"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-44572.yml","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-44572.yml"},{"reference_url":"https://hackerone.com/reports/1639882","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackerone.com/reports/1639882"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-44572","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-44572"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029832","reference_id":"1029832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164722","reference_id":"2164722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164722"},{"reference_url":"https://github.com/advisories/GHSA-rqv2-275x-2jq5","reference_id":"GHSA-rqv2-275x-2jq5","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rqv2-275x-2jq5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"},{"reference_url":"https://usn.ubuntu.com/5910-1/","reference_id":"USN-5910-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5910-1/"},{"reference_url":"https://usn.ubuntu.com/7036-1/","reference_id":"USN-7036-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7036-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379928?format=json","purl":"pkg:gem/rack@2.0.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-8fp2-gkct-2fcu"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-dfww-bthd-m3c5"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.0.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/379929?format=json","purl":"pkg:gem/rack@2.1.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-8fp2-gkct-2fcu"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-dfww-bthd-m3c5"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.1.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/392930?format=json","purl":"pkg:gem/rack@2.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-8fp2-gkct-2fcu"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-au1a-twy1-sqfn"},{"vulnerability":"VCID-dfww-bthd-m3c5"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/379930?format=json","purl":"pkg:gem/rack@2.2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-8fp2-gkct-2fcu"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-au1a-twy1-sqfn"},{"vulnerability":"VCID-dfww-bthd-m3c5"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/379931?format=json","purl":"pkg:gem/rack@3.0.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@3.0.4.1"}],"aliases":["CVE-2022-44572","GHSA-rqv2-275x-2jq5","GMS-2023-66"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfww-bthd-m3c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15301?format=json","vulnerability_id":"VCID-dzcy-yd29-x3fm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27539.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27539","reference_id":"","reference_type":"","scores":[{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58992","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58869","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58981","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2023-27539.yml","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2023-27539.yml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27539","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27539"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231208-0016","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231208-0016"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033264","reference_id":"1033264","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033264"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179649","reference_id":"2179649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179649"},{"reference_url":"https://github.com/rack/rack/commit/231ef369ad0b542575fb36c74fcfcfabcf6c530c","reference_id":"231ef369ad0b542575fb36c74fcfcfabcf6c530c","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:22:46Z/"}],"url":"https://github.com/rack/rack/commit/231ef369ad0b542575fb36c74fcfcfabcf6c530c"},{"reference_url":"https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466","reference_id":"82466","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:22:46Z/"}],"url":"https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466"},{"reference_url":"https://www.debian.org/security/2023/dsa-5530","reference_id":"dsa-5530","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:22:46Z/"}],"url":"https://www.debian.org/security/2023/dsa-5530"},{"reference_url":"https://github.com/rack/rack/commit/ee7919ea04303717858be1c3f16b406adc6d8cff","reference_id":"ee7919ea04303717858be1c3f16b406adc6d8cff","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:22:46Z/"}],"url":"https://github.com/rack/rack/commit/ee7919ea04303717858be1c3f16b406adc6d8cff"},{"reference_url":"https://github.com/advisories/GHSA-c6qg-cjj8-47qp","reference_id":"GHSA-c6qg-cjj8-47qp","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:22:46Z/"}],"url":"https://github.com/advisories/GHSA-c6qg-cjj8-47qp"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:22:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231208-0016/","reference_id":"ntap-20231208-0016","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:22:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231208-0016/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1953","reference_id":"RHSA-2023:1953","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1953"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1961","reference_id":"RHSA-2023:1961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1981","reference_id":"RHSA-2023:1981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2652","reference_id":"RHSA-2023:2652","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3082","reference_id":"RHSA-2023:3082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3403","reference_id":"RHSA-2023:3403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3495","reference_id":"RHSA-2023:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"},{"reference_url":"https://usn.ubuntu.com/6689-1/","reference_id":"USN-6689-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6689-1/"},{"reference_url":"https://usn.ubuntu.com/6905-1/","reference_id":"USN-6905-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6905-1/"},{"reference_url":"https://usn.ubuntu.com/7036-1/","reference_id":"USN-7036-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7036-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380846?format=json","purl":"pkg:gem/rack@2.2.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.6.4"},{"url":"http://public2.vulnerablecode.io/api/packages/380847?format=json","purl":"pkg:gem/rack@3.0.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@3.0.6.1"}],"aliases":["CVE-2023-27539","GHSA-c6qg-cjj8-47qp","GMS-2023-769"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzcy-yd29-x3fm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4949?format=json","vulnerability_id":"VCID-fv6g-2b1r-zqbx","summary":"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00032.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16471.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16471.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16471","reference_id":"","reference_type":"","scores":[{"value":"0.00829","scoring_system":"epss","scoring_elements":"0.74976","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00829","scoring_system":"epss","scoring_elements":"0.75046","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00829","scoring_system":"epss","scoring_elements":"0.75059","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16471"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://groups.google.com/forum/#!topic/rubyonrails-security/GKsAFT924Ag","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/rubyonrails-security/GKsAFT924Ag"},{"reference_url":"https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":""},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00022.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00022.html"},{"reference_url":"https://usn.ubuntu.com/4089-1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4089-1"},{"reference_url":"https://usn.ubuntu.com/4089-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4089-1/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646818","reference_id":"1646818","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646818"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913005","reference_id":"913005","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913005"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16471","reference_id":"CVE-2018-16471","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16471"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2018-16471.yml","reference_id":"CVE-2018-16471.YML","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2018-16471.yml"},{"reference_url":"https://github.com/advisories/GHSA-5r2p-j47h-mhpg","reference_id":"GHSA-5r2p-j47h-mhpg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5r2p-j47h-mhpg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/14503?format=json","purl":"pkg:gem/rack@2.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-8fp2-gkct-2fcu"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-au1a-twy1-sqfn"},{"vulnerability":"VCID-ba2v-8zfm-auad"},{"vulnerability":"VCID-dfww-bthd-m3c5"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-hnvx-fk27-9keb"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nc1s-g6qy-byfw"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-rube-m1vm-d7hd"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-ytrg-5hh7-7qcq"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.0.6"}],"aliases":["CVE-2018-16471","GHSA-5r2p-j47h-mhpg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fv6g-2b1r-zqbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6539?format=json","vulnerability_id":"VCID-rube-m1vm-d7hd","summary":"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16782.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16782","reference_id":"","reference_type":"","scores":[{"value":"0.00892","scoring_system":"epss","scoring_elements":"0.76101","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00892","scoring_system":"epss","scoring_elements":"0.76087","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00892","scoring_system":"epss","scoring_elements":"0.76016","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16782"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZXMWILCICQLA2BYSP6I2CRMUG53YBLX"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/12/18/2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/12/18/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/12/18/3","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/12/18/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/12/19/3","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/12/19/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/04/08/1","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2020/04/08/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/04/09/2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2020/04/09/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1789100","reference_id":"1789100","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1789100"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946983","reference_id":"946983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946983"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16782","reference_id":"CVE-2019-16782","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16782"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2019-16782.yml","reference_id":"CVE-2019-16782.YML","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2019-16782.yml"},{"reference_url":"https://github.com/advisories/GHSA-hrqr-hxpp-chr3","reference_id":"GHSA-hrqr-hxpp-chr3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hrqr-hxpp-chr3"},{"reference_url":"https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3","reference_id":"GHSA-hrqr-hxpp-chr3","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":""},{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2480","reference_id":"RHSA-2020:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4366","reference_id":"RHSA-2020:4366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1313","reference_id":"RHSA-2021:1313","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1313"},{"reference_url":"https://usn.ubuntu.com/USN-5253-1/","reference_id":"USN-USN-5253-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5253-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15931?format=json","purl":"pkg:gem/rack@2.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22eh-9wun-h7b5"},{"vulnerability":"VCID-34sm-19kr-1uby"},{"vulnerability":"VCID-3srh-99bk-ruft"},{"vulnerability":"VCID-5a6b-yemd-mqgb"},{"vulnerability":"VCID-7m5s-fgj3-v3c5"},{"vulnerability":"VCID-7t6e-rm2b-s7a1"},{"vulnerability":"VCID-8fp2-gkct-2fcu"},{"vulnerability":"VCID-9h1q-9jzw-1bdk"},{"vulnerability":"VCID-abcn-y96c-dfe3"},{"vulnerability":"VCID-au1a-twy1-sqfn"},{"vulnerability":"VCID-ba2v-8zfm-auad"},{"vulnerability":"VCID-dfww-bthd-m3c5"},{"vulnerability":"VCID-dzcy-yd29-x3fm"},{"vulnerability":"VCID-e9ps-payd-abeu"},{"vulnerability":"VCID-eduz-d41z-ekfw"},{"vulnerability":"VCID-etn1-jujr-dkfu"},{"vulnerability":"VCID-fcfm-c4dz-v3es"},{"vulnerability":"VCID-gjjy-a7wb-qqaa"},{"vulnerability":"VCID-gsss-za6y-c7hk"},{"vulnerability":"VCID-guej-7tq7-fbb7"},{"vulnerability":"VCID-hnvx-fk27-9keb"},{"vulnerability":"VCID-mkxe-9gpy-ebdp"},{"vulnerability":"VCID-mqhf-duvt-7yfk"},{"vulnerability":"VCID-nc1s-g6qy-byfw"},{"vulnerability":"VCID-nd2m-v3wz-xfhw"},{"vulnerability":"VCID-nejs-mnc1-syc5"},{"vulnerability":"VCID-nesq-w996-akh4"},{"vulnerability":"VCID-q6h3-j4b9-4kfg"},{"vulnerability":"VCID-rb6e-p5hw-kfa6"},{"vulnerability":"VCID-s6ny-5vqq-uqg7"},{"vulnerability":"VCID-t2vh-fkgc-tba9"},{"vulnerability":"VCID-unav-qy3e-2bd5"},{"vulnerability":"VCID-vxsm-fcuq-y7e8"},{"vulnerability":"VCID-w8dy-4cvu-ckcm"},{"vulnerability":"VCID-wvjz-yynu-qbbf"},{"vulnerability":"VCID-ym3c-dbhb-e3fs"},{"vulnerability":"VCID-ytrg-5hh7-7qcq"},{"vulnerability":"VCID-yybg-erer-jfaw"},{"vulnerability":"VCID-zmuu-6s9z-cqd2"},{"vulnerability":"VCID-zv9m-9yhe-5uab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.0.8"}],"aliases":["CVE-2019-16782","GHSA-hrqr-hxpp-chr3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rube-m1vm-d7hd"}],"fixing_vulnerabilities":[],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.0.0"}