Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

Type ebuild

Namespace dev-lang

Name ruby

Version 1.8.6_p287-r1

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.8.6_p369

Latest_non_vulnerable_version 3.2.2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-4yvc-uzev-wua4

vulnerability_id VCID-4yvc-uzev-wua4

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3655

reference_id

reference_type

scores

value	0.29733
scoring_system	epss
scoring_elements	0.96679
published_at	2026-05-14T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96594
published_at	2026-04-01T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96603
published_at	2026-04-02T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96608
published_at	2026-04-04T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96611
published_at	2026-04-07T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96619
published_at	2026-04-08T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96621
published_at	2026-04-09T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96624
published_at	2026-04-12T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96627
published_at	2026-04-13T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96633
published_at	2026-04-16T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96638
published_at	2026-04-18T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96642
published_at	2026-04-26T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96641
published_at	2026-04-24T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96644
published_at	2026-04-29T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96653
published_at	2026-05-05T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96656
published_at	2026-05-07T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96662
published_at	2026-05-09T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.96666
published_at	2026-05-11T12:55:00Z

value	0.29733
scoring_system	epss
scoring_elements	0.9667
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3655

reference_url	http://secunia.com/advisories/31430
reference_id
reference_type
scores
url	http://secunia.com/advisories/31430

reference_url	http://secunia.com/advisories/31697
reference_id
reference_type
scores
url	http://secunia.com/advisories/31697

reference_url	http://secunia.com/advisories/32165
reference_id
reference_type
scores
url	http://secunia.com/advisories/32165

reference_url	http://secunia.com/advisories/32219
reference_id
reference_type
scores
url	http://secunia.com/advisories/32219

reference_url	http://secunia.com/advisories/32255
reference_id
reference_type
scores
url	http://secunia.com/advisories/32255

reference_url	http://secunia.com/advisories/32256
reference_id
reference_type
scores
url	http://secunia.com/advisories/32256

reference_url	http://secunia.com/advisories/32371
reference_id
reference_type
scores
url	http://secunia.com/advisories/32371

reference_url	http://secunia.com/advisories/32372
reference_id
reference_type
scores
url	http://secunia.com/advisories/32372

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44369
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44369

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html

reference_url	https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264

reference_url	http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1651

reference_url	http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1652

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0895.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0895.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0897.html

reference_url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

reference_url	http://www.securityfocus.com/archive/1/495884/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495884/100/0/threaded

reference_url	http://www.securityfocus.com/bid/30644
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30644

reference_url	http://www.securitytracker.com/id?1020656
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020656

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2334

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=458948
reference_id	458948
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=458948

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p286::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3655

reference_id

CVE-2008-3655

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3655

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb
reference_id	CVE-2008-3655;OSVDB-47470
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb
reference_id	CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0895
reference_id	RHSA-2008:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0895

reference_url	https://access.redhat.com/errata/RHSA-2008:0896
reference_id	RHSA-2008:0896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0896

reference_url	https://access.redhat.com/errata/RHSA-2008:0897
reference_id	RHSA-2008:0897
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0897

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/651-1/
reference_id	USN-651-1
reference_type
scores
url	https://usn.ubuntu.com/651-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-3655, GHSA-p524-ppf2-w36w

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvc-uzev-wua4

url VCID-5bte-uex2-f7du

vulnerability_id VCID-5bte-uex2-f7du

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/
reference_id
reference_type
scores
url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/

reference_url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2664

reference_id

reference_type

scores

value	0.06265
scoring_system	epss
scoring_elements	0.91018
published_at	2026-05-14T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90872
published_at	2026-04-01T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90877
published_at	2026-04-02T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90887
published_at	2026-04-04T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90897
published_at	2026-04-07T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90908
published_at	2026-04-08T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90915
published_at	2026-04-09T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90924
published_at	2026-04-12T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90922
published_at	2026-04-13T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90947
published_at	2026-04-16T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90945
published_at	2026-04-18T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90946
published_at	2026-04-21T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90958
published_at	2026-04-24T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90956
published_at	2026-04-26T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90954
published_at	2026-04-29T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90971
published_at	2026-05-05T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90987
published_at	2026-05-07T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.91001
published_at	2026-05-09T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.90999
published_at	2026-05-11T12:55:00Z

value	0.06265
scoring_system	epss
scoring_elements	0.91008
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2664

reference_url	http://secunia.com/advisories/30802
reference_id
reference_type
scores
url	http://secunia.com/advisories/30802

reference_url	http://secunia.com/advisories/30831
reference_id
reference_type
scores
url	http://secunia.com/advisories/30831

reference_url	http://secunia.com/advisories/30867
reference_id
reference_type
scores
url	http://secunia.com/advisories/30867

reference_url	http://secunia.com/advisories/30875
reference_id
reference_type
scores
url	http://secunia.com/advisories/30875

reference_url	http://secunia.com/advisories/30894
reference_id
reference_type
scores
url	http://secunia.com/advisories/30894

reference_url	http://secunia.com/advisories/31062
reference_id
reference_type
scores
url	http://secunia.com/advisories/31062

reference_url	http://secunia.com/advisories/31090
reference_id
reference_type
scores
url	http://secunia.com/advisories/31090

reference_url	http://secunia.com/advisories/31181
reference_id
reference_type
scores
url	http://secunia.com/advisories/31181

reference_url	http://secunia.com/advisories/31256
reference_id
reference_type
scores
url	http://secunia.com/advisories/31256

reference_url	http://secunia.com/advisories/31687
reference_id
reference_type
scores
url	http://secunia.com/advisories/31687

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43348
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43348

reference_url	https://issues.rpath.com/browse/RPL-2626
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-2626

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646

reference_url	http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT2163

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html

reference_url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities

reference_url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
reference_id
reference_type
scores
url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206

reference_url	http://www.debian.org/security/2008/dsa-1612
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1612

reference_url	http://www.debian.org/security/2008/dsa-1618
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1618

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142

reference_url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/
reference_id
reference_type
scores
url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0561.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0561.html

reference_url	http://www.ruby-forum.com/topic/157034
reference_id
reference_type
scores
url	http://www.ruby-forum.com/topic/157034

reference_url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html
reference_id
reference_type
scores
url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html

reference_url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/

reference_url	http://www.securityfocus.com/archive/1/493688/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/493688/100/0/threaded

reference_url	http://www.securityfocus.com/bid/29903
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/29903

reference_url	http://www.securitytracker.com/id?1020347
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020347

reference_url	http://www.ubuntu.com/usn/usn-621-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-621-1

reference_url	http://www.vupen.com/english/advisories/2008/1907/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1907/references

reference_url	http://www.vupen.com/english/advisories/2008/1981/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1981/references

reference_url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html
reference_id
reference_type
scores
url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=450834
reference_id	450834
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=450834

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2664

reference_id

CVE-2008-2664

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2664

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0561
reference_id	RHSA-2008:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0561

reference_url	https://access.redhat.com/errata/RHSA-2008:0562
reference_id	RHSA-2008:0562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0562

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/621-1/
reference_id	USN-621-1
reference_type
scores
url	https://usn.ubuntu.com/621-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-2664, GHSA-c4h6-p7gp-39x2, OSV-46552

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bte-uex2-f7du

url VCID-8fbf-8fea-27d9

vulnerability_id VCID-8fbf-8fea-27d9

summary

Two vulnerabilities in dnsmasq might allow for a Denial of Service or
    spoofing of DNS replies.

references

reference_url	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc
reference_id
reference_type
scores
url	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc

reference_url	http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html
reference_id
reference_type
scores
url	http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368

reference_url	http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html

reference_url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html

reference_url	http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
reference_id
reference_type
scores
url	http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

reference_url	http://marc.info/?l=bugtraq&m=121630706004256&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=121630706004256&w=2

reference_url	http://marc.info/?l=bugtraq&m=121866517322103&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=121866517322103&w=2

reference_url	http://marc.info/?l=bugtraq&m=123324863916385&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=123324863916385&w=2

reference_url	http://marc.info/?l=bugtraq&m=141879471518471&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=141879471518471&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2008-0533.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2008-0533.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1447

reference_id

reference_type

scores

value	0.86697
scoring_system	epss
scoring_elements	0.99432
published_at	2026-05-14T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99431
published_at	2026-05-12T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99417
published_at	2026-04-01T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99416
published_at	2026-04-02T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99418
published_at	2026-04-07T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99419
published_at	2026-04-08T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.9942
published_at	2026-04-09T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99422
published_at	2026-04-11T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99423
published_at	2026-04-13T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99425
published_at	2026-04-21T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99427
published_at	2026-04-29T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99428
published_at	2026-05-07T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99429
published_at	2026-05-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447

reference_url	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037
reference_id
reference_type
scores
url	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037

reference_url	http://secunia.com/advisories/30925
reference_id
reference_type
scores
url	http://secunia.com/advisories/30925

reference_url	http://secunia.com/advisories/30973
reference_id
reference_type
scores
url	http://secunia.com/advisories/30973

reference_url	http://secunia.com/advisories/30977
reference_id
reference_type
scores
url	http://secunia.com/advisories/30977

reference_url	http://secunia.com/advisories/30979
reference_id
reference_type
scores
url	http://secunia.com/advisories/30979

reference_url	http://secunia.com/advisories/30980
reference_id
reference_type
scores
url	http://secunia.com/advisories/30980

reference_url	http://secunia.com/advisories/30988
reference_id
reference_type
scores
url	http://secunia.com/advisories/30988

reference_url	http://secunia.com/advisories/30989
reference_id
reference_type
scores
url	http://secunia.com/advisories/30989

reference_url	http://secunia.com/advisories/30998
reference_id
reference_type
scores
url	http://secunia.com/advisories/30998

reference_url	http://secunia.com/advisories/31011
reference_id
reference_type
scores
url	http://secunia.com/advisories/31011

reference_url	http://secunia.com/advisories/31012
reference_id
reference_type
scores
url	http://secunia.com/advisories/31012

reference_url	http://secunia.com/advisories/31014
reference_id
reference_type
scores
url	http://secunia.com/advisories/31014

reference_url	http://secunia.com/advisories/31019
reference_id
reference_type
scores
url	http://secunia.com/advisories/31019

reference_url	http://secunia.com/advisories/31022
reference_id
reference_type
scores
url	http://secunia.com/advisories/31022

reference_url	http://secunia.com/advisories/31030
reference_id
reference_type
scores
url	http://secunia.com/advisories/31030

reference_url	http://secunia.com/advisories/31031
reference_id
reference_type
scores
url	http://secunia.com/advisories/31031

reference_url	http://secunia.com/advisories/31033
reference_id
reference_type
scores
url	http://secunia.com/advisories/31033

reference_url	http://secunia.com/advisories/31052
reference_id
reference_type
scores
url	http://secunia.com/advisories/31052

reference_url	http://secunia.com/advisories/31065
reference_id
reference_type
scores
url	http://secunia.com/advisories/31065

reference_url	http://secunia.com/advisories/31072
reference_id
reference_type
scores
url	http://secunia.com/advisories/31072

reference_url	http://secunia.com/advisories/31093
reference_id
reference_type
scores
url	http://secunia.com/advisories/31093

reference_url	http://secunia.com/advisories/31094
reference_id
reference_type
scores
url	http://secunia.com/advisories/31094

reference_url	http://secunia.com/advisories/31137
reference_id
reference_type
scores
url	http://secunia.com/advisories/31137

reference_url	http://secunia.com/advisories/31143
reference_id
reference_type
scores
url	http://secunia.com/advisories/31143

reference_url	http://secunia.com/advisories/31151
reference_id
reference_type
scores
url	http://secunia.com/advisories/31151

reference_url	http://secunia.com/advisories/31152
reference_id
reference_type
scores
url	http://secunia.com/advisories/31152

reference_url	http://secunia.com/advisories/31153
reference_id
reference_type
scores
url	http://secunia.com/advisories/31153

reference_url	http://secunia.com/advisories/31169
reference_id
reference_type
scores
url	http://secunia.com/advisories/31169

reference_url	http://secunia.com/advisories/31197
reference_id
reference_type
scores
url	http://secunia.com/advisories/31197

reference_url	http://secunia.com/advisories/31199
reference_id
reference_type
scores
url	http://secunia.com/advisories/31199

reference_url	http://secunia.com/advisories/31204
reference_id
reference_type
scores
url	http://secunia.com/advisories/31204

reference_url	http://secunia.com/advisories/31207
reference_id
reference_type
scores
url	http://secunia.com/advisories/31207

reference_url	http://secunia.com/advisories/31209
reference_id
reference_type
scores
url	http://secunia.com/advisories/31209

reference_url	http://secunia.com/advisories/31212
reference_id
reference_type
scores
url	http://secunia.com/advisories/31212

reference_url	http://secunia.com/advisories/31213
reference_id
reference_type
scores
url	http://secunia.com/advisories/31213

reference_url	http://secunia.com/advisories/31221
reference_id
reference_type
scores
url	http://secunia.com/advisories/31221

reference_url	http://secunia.com/advisories/31236
reference_id
reference_type
scores
url	http://secunia.com/advisories/31236

reference_url	http://secunia.com/advisories/31237
reference_id
reference_type
scores
url	http://secunia.com/advisories/31237

reference_url	http://secunia.com/advisories/31254
reference_id
reference_type
scores
url	http://secunia.com/advisories/31254

reference_url	http://secunia.com/advisories/31326
reference_id
reference_type
scores
url	http://secunia.com/advisories/31326

reference_url	http://secunia.com/advisories/31354
reference_id
reference_type
scores
url	http://secunia.com/advisories/31354

reference_url	http://secunia.com/advisories/31422
reference_id
reference_type
scores
url	http://secunia.com/advisories/31422

reference_url	http://secunia.com/advisories/31430
reference_id
reference_type
scores
url	http://secunia.com/advisories/31430

reference_url	http://secunia.com/advisories/31451
reference_id
reference_type
scores
url	http://secunia.com/advisories/31451

reference_url	http://secunia.com/advisories/31482
reference_id
reference_type
scores
url	http://secunia.com/advisories/31482

reference_url	http://secunia.com/advisories/31495
reference_id
reference_type
scores
url	http://secunia.com/advisories/31495

reference_url	http://secunia.com/advisories/31588
reference_id
reference_type
scores
url	http://secunia.com/advisories/31588

reference_url	http://secunia.com/advisories/31687
reference_id
reference_type
scores
url	http://secunia.com/advisories/31687

reference_url	http://secunia.com/advisories/31823
reference_id
reference_type
scores
url	http://secunia.com/advisories/31823

reference_url	http://secunia.com/advisories/31882
reference_id
reference_type
scores
url	http://secunia.com/advisories/31882

reference_url	http://secunia.com/advisories/31900
reference_id
reference_type
scores
url	http://secunia.com/advisories/31900

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://secunia.com/advisories/33714
reference_id
reference_type
scores
url	http://secunia.com/advisories/33714

reference_url	http://secunia.com/advisories/33786
reference_id
reference_type
scores
url	http://secunia.com/advisories/33786

reference_url	http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
reference_id
reference_type
scores
url	http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc

reference_url	http://security.gentoo.org/glsa/glsa-200807-08.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200807-08.xml

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	http://security.gentoo.org/glsa/glsa-201209-25.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201209-25.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43334
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43334

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43637
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43637

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1

reference_url	http://support.apple.com/kb/HT3026
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3026

reference_url	http://support.apple.com/kb/HT3129
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3129

reference_url	http://support.citrix.com/article/CTX117991
reference_id
reference_type
scores
url	http://support.citrix.com/article/CTX117991

reference_url	http://support.citrix.com/article/CTX118183
reference_id
reference_type
scores
url	http://support.citrix.com/article/CTX118183

reference_url	http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152
reference_id
reference_type
scores
url	http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152

reference_url	https://www.exploit-db.com/exploits/6122
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/6122

reference_url	https://www.exploit-db.com/exploits/6123
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/6123

reference_url	https://www.exploit-db.com/exploits/6130
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/6130

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html

reference_url	https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

100

reference_url	http://up2date.astaro.com/2008/08/up2date_7202_released.html
reference_id
reference_type
scores
url	http://up2date.astaro.com/2008/08/up2date_7202_released.html

101

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231

102

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

103

reference_url	http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning
reference_id
reference_type
scores
url	http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning

104

reference_url	http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
reference_id
reference_type
scores
url	http://www.caughq.org/exploits/CAU-EX-2008-0002.txt

105

reference_url	http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
reference_id
reference_type
scores
url	http://www.caughq.org/exploits/CAU-EX-2008-0003.txt

106

reference_url	http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml
reference_id
reference_type
scores
url	http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml

107

reference_url	http://www.debian.org/security/2008/dsa-1603
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1603

108

reference_url	http://www.debian.org/security/2008/dsa-1604
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1604

109

reference_url	http://www.debian.org/security/2008/dsa-1605
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1605

110

reference_url	http://www.debian.org/security/2008/dsa-1619
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1619

111

reference_url	http://www.debian.org/security/2008/dsa-1623
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1623

112

reference_url	http://www.doxpara.com/DMK_BO2K8.ppt
reference_id
reference_type
scores
url	http://www.doxpara.com/DMK_BO2K8.ppt

113

reference_url	http://www.doxpara.com/?p=1176
reference_id
reference_type
scores
url	http://www.doxpara.com/?p=1176

114

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26667
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26667

115

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26668
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26668

116

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26669
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26669

117

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26670
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26670

118

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26671
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26671

119

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26672
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26672

120

reference_url	http://www.ipcop.org/index.php?name=News&file=article&sid=40
reference_id
reference_type
scores
url	http://www.ipcop.org/index.php?name=News&file=article&sid=40

121

reference_url	http://www.isc.org/index.pl?/sw/bind/bind-security.php
reference_id
reference_type
scores
url	http://www.isc.org/index.pl?/sw/bind/bind-security.php

122

reference_url	http://www.kb.cert.org/vuls/id/800113
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/800113

123

reference_url	http://www.kb.cert.org/vuls/id/MIMG-7DWR4J
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/MIMG-7DWR4J

124

reference_url	http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q

125

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:139
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:139

126

reference_url	http://www.nominum.com/asset_upload_file741_2661.pdf
reference_id
reference_type
scores
url	http://www.nominum.com/asset_upload_file741_2661.pdf

127

reference_url	http://www.novell.com/support/viewContent.do?externalId=7000912
reference_id
reference_type
scores
url	http://www.novell.com/support/viewContent.do?externalId=7000912

128

reference_url	http://www.openbsd.org/errata42.html#013_bind
reference_id
reference_type
scores
url	http://www.openbsd.org/errata42.html#013_bind

129

reference_url	http://www.openbsd.org/errata43.html#004_bind
reference_id
reference_type
scores
url	http://www.openbsd.org/errata43.html#004_bind

130

reference_url	http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
reference_id
reference_type
scores
url	http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog

131

reference_url	http://www.phys.uu.nl/~rombouts/pdnsd.html
reference_id
reference_type
scores
url	http://www.phys.uu.nl/~rombouts/pdnsd.html

132

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0789.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0789.html

133

reference_url	http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html
reference_id
reference_type
scores
url	http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html

134

reference_url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

135

reference_url	http://www.securityfocus.com/archive/1/495289/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495289/100/0/threaded

136

reference_url	http://www.securityfocus.com/archive/1/495869/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495869/100/0/threaded

137

reference_url	http://www.securityfocus.com/bid/30131
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30131

138

reference_url	http://www.securitytracker.com/id?1020437
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020437

139

reference_url	http://www.securitytracker.com/id?1020438
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020438

140

reference_url	http://www.securitytracker.com/id?1020440
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020440

141

reference_url	http://www.securitytracker.com/id?1020448
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020448

142

reference_url	http://www.securitytracker.com/id?1020449
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020449

143

reference_url	http://www.securitytracker.com/id?1020548
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020548

144

reference_url	http://www.securitytracker.com/id?1020558
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020558

145

reference_url	http://www.securitytracker.com/id?1020560
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020560

146

reference_url	http://www.securitytracker.com/id?1020561
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020561

147

reference_url	http://www.securitytracker.com/id?1020575
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020575

148

reference_url	http://www.securitytracker.com/id?1020576
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020576

149

reference_url	http://www.securitytracker.com/id?1020577
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020577

150

reference_url	http://www.securitytracker.com/id?1020578
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020578

151

reference_url	http://www.securitytracker.com/id?1020579
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020579

152

reference_url	http://www.securitytracker.com/id?1020651
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020651

153

reference_url	http://www.securitytracker.com/id?1020653
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020653

154

reference_url	http://www.securitytracker.com/id?1020702
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020702

155

reference_url	http://www.securitytracker.com/id?1020802
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020802

156

reference_url	http://www.securitytracker.com/id?1020804
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020804

157

reference_url	http://www.ubuntu.com/usn/usn-622-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-622-1

158

reference_url	http://www.ubuntu.com/usn/usn-627-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-627-1

159

reference_url	http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
reference_id
reference_type
scores
url	http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html

160

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-190A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-190A.html

161

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-190B.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-190B.html

162

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-260A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-260A.html

163

reference_url	http://www.vmware.com/security/advisories/VMSA-2008-0014.html
reference_id
reference_type
scores
url	http://www.vmware.com/security/advisories/VMSA-2008-0014.html

164

reference_url	http://www.vupen.com/english/advisories/2008/2019/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2019/references

165

reference_url	http://www.vupen.com/english/advisories/2008/2023/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2023/references

166

reference_url	http://www.vupen.com/english/advisories/2008/2025/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2025/references

167

reference_url	http://www.vupen.com/english/advisories/2008/2029/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2029/references

168

reference_url	http://www.vupen.com/english/advisories/2008/2030/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2030/references

169

reference_url	http://www.vupen.com/english/advisories/2008/2050/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2050/references

170

reference_url	http://www.vupen.com/english/advisories/2008/2051/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2051/references

171

reference_url	http://www.vupen.com/english/advisories/2008/2052/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2052/references

172

reference_url	http://www.vupen.com/english/advisories/2008/2055/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2055/references

173

reference_url	http://www.vupen.com/english/advisories/2008/2092/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2092/references

174

reference_url	http://www.vupen.com/english/advisories/2008/2113/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2113/references

175

reference_url	http://www.vupen.com/english/advisories/2008/2114/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2114/references

176

reference_url	http://www.vupen.com/english/advisories/2008/2123/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2123/references

177

reference_url	http://www.vupen.com/english/advisories/2008/2139/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2139/references

178

reference_url	http://www.vupen.com/english/advisories/2008/2166/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2166/references

179

reference_url	http://www.vupen.com/english/advisories/2008/2195/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2195/references

180

reference_url	http://www.vupen.com/english/advisories/2008/2196/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2196/references

181

reference_url	http://www.vupen.com/english/advisories/2008/2197/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2197/references

182

reference_url	http://www.vupen.com/english/advisories/2008/2268
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2268

183

reference_url	http://www.vupen.com/english/advisories/2008/2291
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2291

184

reference_url	http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2334

185

reference_url	http://www.vupen.com/english/advisories/2008/2342
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2342

186

reference_url	http://www.vupen.com/english/advisories/2008/2377
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2377

187

reference_url	http://www.vupen.com/english/advisories/2008/2383
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2383

188

reference_url	http://www.vupen.com/english/advisories/2008/2384
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2384

189

reference_url	http://www.vupen.com/english/advisories/2008/2466
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2466

190

reference_url	http://www.vupen.com/english/advisories/2008/2467
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2467

191

reference_url	http://www.vupen.com/english/advisories/2008/2482
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2482

192

reference_url	http://www.vupen.com/english/advisories/2008/2525
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2525

193

reference_url	http://www.vupen.com/english/advisories/2008/2549
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2549

194

reference_url	http://www.vupen.com/english/advisories/2008/2558
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2558

195

reference_url	http://www.vupen.com/english/advisories/2008/2582
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2582

196

reference_url	http://www.vupen.com/english/advisories/2008/2584
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2584

197

reference_url	http://www.vupen.com/english/advisories/2009/0297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/0297

198

reference_url	http://www.vupen.com/english/advisories/2009/0311
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/0311

199

reference_url	http://www.vupen.com/english/advisories/2010/0622
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/0622

200

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=449345
reference_id	449345
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=449345

201

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123
reference_id	490123
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123

202

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465
reference_id	492465
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465

203

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698
reference_id	492698
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698

204

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700
reference_id	492700
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700

205

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599
reference_id	493599
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599

206

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:::::::*
reference_id	cpe:2.3:a:isc:bind:4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:::::::*

207

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:::::::*
reference_id	cpe:2.3:a:isc:bind:8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:::::::*

208

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:::::::*
reference_id	cpe:2.3:a:isc:bind:9.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:::::::*

209

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

210

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

211

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

212

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

213

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:::::::*
reference_id	cpe:2.3:o:cisco:ios:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:::::::*

214

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

215

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000::sp4::::::*
reference_id	cpe:2.3:o:microsoft:windows_2000::sp4::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000::sp4::::::*

216

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::compute_cluster::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::compute_cluster::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::compute_cluster::itanium:

217

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::datacenter::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::datacenter::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::datacenter::itanium:

218

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::enterprise::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::enterprise::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::enterprise::itanium:

219

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::standard::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::standard::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::standard::itanium:

220

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::storage::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::storage::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::storage::itanium:

221

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::itanium:

222

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::x64:

223

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::itanium:

224

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::x64:

225

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::itanium:

226

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::x64:

227

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::itanium:

228

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::x64:

229

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::itanium:

230

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::x64:

231

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-::::::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-::::::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-::::::x64:

232

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:::professional::x64:
reference_id	cpe:2.3:o:microsoft:windows_xp:-:-:::professional::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:::professional::x64:

233

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp::sp2::::::*
reference_id	cpe:2.3:o:microsoft:windows_xp::sp2::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp::sp2::::::*

234

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3::::::
reference_id	cpe:2.3:o:microsoft:windows_xp:-:sp3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3::::::

235

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::as:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:2.1::as:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::as:::::

236

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::es:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:2.1::es:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::es:::::

237

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::ws:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:2.1::ws:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::ws:::::

238

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

239

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5::client:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:5::client:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5::client:::::

240

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5::client_workstation:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:5::client_workstation:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5::client_workstation:::::

241

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-1447

reference_id

CVE-2008-1447

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2008-1447

242

reference_url	https://security.gentoo.org/glsa/200807-08
reference_id	GLSA-200807-08
reference_type
scores
url	https://security.gentoo.org/glsa/200807-08

243

reference_url	https://security.gentoo.org/glsa/200809-02
reference_id	GLSA-200809-02
reference_type
scores
url	https://security.gentoo.org/glsa/200809-02

244

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

245

reference_url	https://security.gentoo.org/glsa/200901-03
reference_id	GLSA-200901-03
reference_type
scores
url	https://security.gentoo.org/glsa/200901-03

246

reference_url	https://security.gentoo.org/glsa/201209-25
reference_id	GLSA-201209-25
reference_type
scores
url	https://security.gentoo.org/glsa/201209-25

247

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb
reference_id	OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb

248

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py
reference_id	OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py

249

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c
reference_id	OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c

250

reference_url	https://access.redhat.com/errata/RHSA-2008:0533
reference_id	RHSA-2008:0533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0533

251

reference_url	https://access.redhat.com/errata/RHSA-2008:0789
reference_id	RHSA-2008:0789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0789

252

reference_url	https://usn.ubuntu.com/622-1/
reference_id	USN-622-1
reference_type
scores
url	https://usn.ubuntu.com/622-1/

253

reference_url	https://usn.ubuntu.com/627-1/
reference_id	USN-627-1
reference_type
scores
url	https://usn.ubuntu.com/627-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-1447

risk_score 10.0

exploitability 2.0

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbf-8fea-27d9

url VCID-9gp6-pvw1-ufhs

vulnerability_id VCID-9gp6-pvw1-ufhs

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/
reference_id
reference_type
scores
url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/

reference_url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2725

reference_id

reference_type

scores

value	0.0249
scoring_system	epss
scoring_elements	0.85468
published_at	2026-05-14T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85364
published_at	2026-04-29T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85378
published_at	2026-05-05T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85404
published_at	2026-05-07T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85422
published_at	2026-05-09T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85417
published_at	2026-05-11T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.8543
published_at	2026-05-12T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85305
published_at	2026-04-09T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.8532
published_at	2026-04-11T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85318
published_at	2026-04-12T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85315
published_at	2026-04-13T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85335
published_at	2026-04-16T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85336
published_at	2026-04-18T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85333
published_at	2026-04-21T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85356
published_at	2026-04-24T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85365
published_at	2026-04-26T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86873
published_at	2026-04-01T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86884
published_at	2026-04-02T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86902
published_at	2026-04-04T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86897
published_at	2026-04-07T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86917
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2725

reference_url	https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657
reference_id
reference_type
scores
url	https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727

reference_url	http://secunia.com/advisories/30802
reference_id
reference_type
scores
url	http://secunia.com/advisories/30802

reference_url	http://secunia.com/advisories/30831
reference_id
reference_type
scores
url	http://secunia.com/advisories/30831

reference_url	http://secunia.com/advisories/30867
reference_id
reference_type
scores
url	http://secunia.com/advisories/30867

reference_url	http://secunia.com/advisories/30875
reference_id
reference_type
scores
url	http://secunia.com/advisories/30875

reference_url	http://secunia.com/advisories/30894
reference_id
reference_type
scores
url	http://secunia.com/advisories/30894

reference_url	http://secunia.com/advisories/31062
reference_id
reference_type
scores
url	http://secunia.com/advisories/31062

reference_url	http://secunia.com/advisories/31090
reference_id
reference_type
scores
url	http://secunia.com/advisories/31090

reference_url	http://secunia.com/advisories/31181
reference_id
reference_type
scores
url	http://secunia.com/advisories/31181

reference_url	http://secunia.com/advisories/31256
reference_id
reference_type
scores
url	http://secunia.com/advisories/31256

reference_url	http://secunia.com/advisories/31687
reference_id
reference_type
scores
url	http://secunia.com/advisories/31687

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43350
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43350

reference_url	https://issues.rpath.com/browse/RPL-2626
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-2626

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606

reference_url	http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT2163

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html

reference_url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities

reference_url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
reference_id
reference_type
scores
url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206

reference_url	http://www.debian.org/security/2008/dsa-1612
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1612

reference_url	http://www.debian.org/security/2008/dsa-1618
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1618

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142

reference_url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/
reference_id
reference_type
scores
url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/

reference_url	http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0561.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0561.html

reference_url	http://www.ruby-forum.com/topic/157034
reference_id
reference_type
scores
url	http://www.ruby-forum.com/topic/157034

reference_url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html
reference_id
reference_type
scores
url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html

reference_url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/

reference_url	http://www.securityfocus.com/archive/1/493688/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/493688/100/0/threaded

reference_url	http://www.securityfocus.com/bid/29903
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/29903

reference_url	http://www.securitytracker.com/id?1020347
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020347

reference_url	http://www.ubuntu.com/usn/usn-621-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-621-1

reference_url	http://www.vupen.com/english/advisories/2008/1907/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1907/references

reference_url	http://www.vupen.com/english/advisories/2008/1981/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1981/references

reference_url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html
reference_id
reference_type
scores
url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=451821
reference_id	451821
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=451821

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2725

reference_id

CVE-2008-2725

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2725

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0561
reference_id	RHSA-2008:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0561

reference_url	https://access.redhat.com/errata/RHSA-2008:0562
reference_id	RHSA-2008:0562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0562

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/621-1/
reference_id	USN-621-1
reference_type
scores
url	https://usn.ubuntu.com/621-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-2725, GHSA-924x-9756-qq8p, OSV-46553

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9gp6-pvw1-ufhs

url VCID-a15m-bcma-vfa7

vulnerability_id VCID-a15m-bcma-vfa7

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3656

reference_id

reference_type

scores

value	0.65085
scoring_system	epss
scoring_elements	0.98499
published_at	2026-05-14T12:55:00Z

value	0.65085
scoring_system	epss
scoring_elements	0.98483
published_at	2026-04-16T12:55:00Z

value	0.65085
scoring_system	epss
scoring_elements	0.98484
published_at	2026-04-21T12:55:00Z

value	0.65085
scoring_system	epss
scoring_elements	0.98488
published_at	2026-04-29T12:55:00Z

value	0.65085
scoring_system	epss
scoring_elements	0.98493
published_at	2026-05-11T12:55:00Z

value	0.65085
scoring_system	epss
scoring_elements	0.98496
published_at	2026-05-09T12:55:00Z

value	0.65085
scoring_system	epss
scoring_elements	0.98495
published_at	2026-05-12T12:55:00Z

value	0.68786
scoring_system	epss
scoring_elements	0.98611
published_at	2026-04-01T12:55:00Z

value	0.68786
scoring_system	epss
scoring_elements	0.98626
published_at	2026-04-13T12:55:00Z

value	0.68786
scoring_system	epss
scoring_elements	0.98625
published_at	2026-04-12T12:55:00Z

value	0.68786
scoring_system	epss
scoring_elements	0.98613
published_at	2026-04-02T12:55:00Z

value	0.68786
scoring_system	epss
scoring_elements	0.98616
published_at	2026-04-04T12:55:00Z

value	0.68786
scoring_system	epss
scoring_elements	0.98618
published_at	2026-04-07T12:55:00Z

value	0.68786
scoring_system	epss
scoring_elements	0.9862
published_at	2026-04-08T12:55:00Z

value	0.68786
scoring_system	epss
scoring_elements	0.98622
published_at	2026-04-09T12:55:00Z

value	0.68786
scoring_system	epss
scoring_elements	0.98624
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3656

reference_url	http://secunia.com/advisories/31430
reference_id
reference_type
scores
url	http://secunia.com/advisories/31430

reference_url	http://secunia.com/advisories/31697
reference_id
reference_type
scores
url	http://secunia.com/advisories/31697

reference_url	http://secunia.com/advisories/32165
reference_id
reference_type
scores
url	http://secunia.com/advisories/32165

reference_url	http://secunia.com/advisories/32219
reference_id
reference_type
scores
url	http://secunia.com/advisories/32219

reference_url	http://secunia.com/advisories/32255
reference_id
reference_type
scores
url	http://secunia.com/advisories/32255

reference_url	http://secunia.com/advisories/32256
reference_id
reference_type
scores
url	http://secunia.com/advisories/32256

reference_url	http://secunia.com/advisories/32371
reference_id
reference_type
scores
url	http://secunia.com/advisories/32371

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44371
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44371

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3656

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3656

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264

reference_url	http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1651

reference_url	http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1652

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0897.html

reference_url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

reference_url	http://www.securityfocus.com/archive/1/495884/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495884/100/0/threaded

reference_url	http://www.securityfocus.com/bid/30644
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30644

reference_url	http://www.securitytracker.com/id?1020654
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020654

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2334

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=458953
reference_id	458953
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=458953

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*

reference_url	https://www.securityfocus.com/bid/30644/info
reference_id	CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/30644/info

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb
reference_id	CVE-2008-4310;OSVDB-47471;CVE-2008-3656
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0897
reference_id	RHSA-2008:0897
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0897

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/651-1/
reference_id	USN-651-1
reference_type
scores
url	https://usn.ubuntu.com/651-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-3656, GHSA-823x-6r7f-v9x6

risk_score 10.0

exploitability 2.0

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a15m-bcma-vfa7

url VCID-c9sy-czbr-tfer

vulnerability_id VCID-c9sy-czbr-tfer

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/
reference_id
reference_type
scores
url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/

reference_url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2726

reference_id

reference_type

scores

value	0.02819
scoring_system	epss
scoring_elements	0.86305
published_at	2026-05-14T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86218
published_at	2026-05-05T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86239
published_at	2026-05-07T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86258
published_at	2026-05-09T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86255
published_at	2026-05-11T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86268
published_at	2026-05-12T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86145
published_at	2026-04-09T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86159
published_at	2026-04-11T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86158
published_at	2026-04-12T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86154
published_at	2026-04-13T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86171
published_at	2026-04-16T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86176
published_at	2026-04-18T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86168
published_at	2026-04-21T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86189
published_at	2026-04-24T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86198
published_at	2026-04-29T12:55:00Z

value	0.02858
scoring_system	epss
scoring_elements	0.86182
published_at	2026-04-01T12:55:00Z

value	0.02858
scoring_system	epss
scoring_elements	0.86192
published_at	2026-04-02T12:55:00Z

value	0.02858
scoring_system	epss
scoring_elements	0.86206
published_at	2026-04-07T12:55:00Z

value	0.02858
scoring_system	epss
scoring_elements	0.86225
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2726

reference_url	https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657
reference_id
reference_type
scores
url	https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657

reference_url	http://secunia.com/advisories/30802
reference_id
reference_type
scores
url	http://secunia.com/advisories/30802

reference_url	http://secunia.com/advisories/30831
reference_id
reference_type
scores
url	http://secunia.com/advisories/30831

reference_url	http://secunia.com/advisories/30867
reference_id
reference_type
scores
url	http://secunia.com/advisories/30867

reference_url	http://secunia.com/advisories/30875
reference_id
reference_type
scores
url	http://secunia.com/advisories/30875

reference_url	http://secunia.com/advisories/30894
reference_id
reference_type
scores
url	http://secunia.com/advisories/30894

reference_url	http://secunia.com/advisories/31062
reference_id
reference_type
scores
url	http://secunia.com/advisories/31062

reference_url	http://secunia.com/advisories/31090
reference_id
reference_type
scores
url	http://secunia.com/advisories/31090

reference_url	http://secunia.com/advisories/31181
reference_id
reference_type
scores
url	http://secunia.com/advisories/31181

reference_url	http://secunia.com/advisories/31256
reference_id
reference_type
scores
url	http://secunia.com/advisories/31256

reference_url	http://secunia.com/advisories/31687
reference_id
reference_type
scores
url	http://secunia.com/advisories/31687

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43351
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43351

reference_url	https://issues.rpath.com/browse/RPL-2626
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-2626

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959

reference_url	http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT2163

reference_url	http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460
reference_id
reference_type
scores
url	http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html

reference_url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities

reference_url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
reference_id
reference_type
scores
url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206

reference_url	http://www.debian.org/security/2008/dsa-1612
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1612

reference_url	http://www.debian.org/security/2008/dsa-1618
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1618

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142

reference_url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/
reference_id
reference_type
scores
url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/

reference_url	http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0561.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0561.html

reference_url	http://www.ruby-forum.com/topic/157034
reference_id
reference_type
scores
url	http://www.ruby-forum.com/topic/157034

reference_url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html
reference_id
reference_type
scores
url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html

reference_url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/

reference_url	http://www.securityfocus.com/archive/1/493688/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/493688/100/0/threaded

reference_url	http://www.securityfocus.com/bid/29903
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/29903

reference_url	http://www.securitytracker.com/id?1020347
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020347

reference_url	http://www.ubuntu.com/usn/usn-621-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-621-1

reference_url	http://www.vupen.com/english/advisories/2008/1907/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1907/references

reference_url	http://www.vupen.com/english/advisories/2008/1981/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1981/references

reference_url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html
reference_id
reference_type
scores
url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=451828
reference_id	451828
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=451828

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2726

reference_id

CVE-2008-2726

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2726

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0561
reference_id	RHSA-2008:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0561

reference_url	https://access.redhat.com/errata/RHSA-2008:0562
reference_id	RHSA-2008:0562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0562

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/621-1/
reference_id	USN-621-1
reference_type
scores
url	https://usn.ubuntu.com/621-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-2726, GHSA-v2mw-g73g-923h, OSV-46554

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c9sy-czbr-tfer

url VCID-fw7k-88kf-1kgg

vulnerability_id VCID-fw7k-88kf-1kgg

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3657

reference_id

reference_type

scores

value	0.22517
scoring_system	epss
scoring_elements	0.95903
published_at	2026-05-14T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95804
published_at	2026-04-01T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95813
published_at	2026-04-02T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95821
published_at	2026-04-04T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95823
published_at	2026-04-07T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95832
published_at	2026-04-08T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95836
published_at	2026-04-09T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95839
published_at	2026-04-12T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.9584
published_at	2026-04-13T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95852
published_at	2026-04-16T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95858
published_at	2026-04-18T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.9586
published_at	2026-04-21T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95862
published_at	2026-04-26T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95863
published_at	2026-04-29T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95875
published_at	2026-05-05T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95877
published_at	2026-05-07T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95882
published_at	2026-05-09T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95886
published_at	2026-05-11T12:55:00Z

value	0.22517
scoring_system	epss
scoring_elements	0.95891
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3657

reference_url	http://secunia.com/advisories/31430
reference_id
reference_type
scores
url	http://secunia.com/advisories/31430

reference_url	http://secunia.com/advisories/31697
reference_id
reference_type
scores
url	http://secunia.com/advisories/31697

reference_url	http://secunia.com/advisories/32165
reference_id
reference_type
scores
url	http://secunia.com/advisories/32165

reference_url	http://secunia.com/advisories/32219
reference_id
reference_type
scores
url	http://secunia.com/advisories/32219

reference_url	http://secunia.com/advisories/32255
reference_id
reference_type
scores
url	http://secunia.com/advisories/32255

reference_url	http://secunia.com/advisories/32256
reference_id
reference_type
scores
url	http://secunia.com/advisories/32256

reference_url	http://secunia.com/advisories/32371
reference_id
reference_type
scores
url	http://secunia.com/advisories/32371

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44372
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44372

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3657

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3657

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264

reference_url	http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1651

reference_url	http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1652

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0897.html

reference_url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

reference_url	http://www.securityfocus.com/archive/1/495884/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495884/100/0/threaded

reference_url	http://www.securityfocus.com/bid/30644
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30644

reference_url	http://www.securitytracker.com/id?1020652
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020652

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2334

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=458966
reference_id	458966
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=458966

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:::::::*

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0897
reference_id	RHSA-2008:0897
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0897

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/651-1/
reference_id	USN-651-1
reference_type
scores
url	https://usn.ubuntu.com/651-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-3657, GHSA-5f6v-fgcw-j5px

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fw7k-88kf-1kgg

url VCID-jx79-wpg7-2yaa

vulnerability_id VCID-jx79-wpg7-2yaa

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/
reference_id
reference_type
scores
url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/

reference_url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2662

reference_id

reference_type

scores

value	0.02771
scoring_system	epss
scoring_elements	0.86188
published_at	2026-05-14T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.85973
published_at	2026-04-01T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.85985
published_at	2026-04-02T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86001
published_at	2026-04-04T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86
published_at	2026-04-07T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.8602
published_at	2026-04-08T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.8603
published_at	2026-04-09T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86044
published_at	2026-04-11T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86042
published_at	2026-04-12T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86037
published_at	2026-04-13T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86055
published_at	2026-04-16T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.8606
published_at	2026-04-18T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86052
published_at	2026-04-21T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86072
published_at	2026-04-24T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86082
published_at	2026-04-26T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86081
published_at	2026-04-29T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86101
published_at	2026-05-05T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86122
published_at	2026-05-07T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.8614
published_at	2026-05-09T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86136
published_at	2026-05-11T12:55:00Z

value	0.02771
scoring_system	epss
scoring_elements	0.86149
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2662

reference_url	http://secunia.com/advisories/30802
reference_id
reference_type
scores
url	http://secunia.com/advisories/30802

reference_url	http://secunia.com/advisories/30831
reference_id
reference_type
scores
url	http://secunia.com/advisories/30831

reference_url	http://secunia.com/advisories/30867
reference_id
reference_type
scores
url	http://secunia.com/advisories/30867

reference_url	http://secunia.com/advisories/30875
reference_id
reference_type
scores
url	http://secunia.com/advisories/30875

reference_url	http://secunia.com/advisories/30894
reference_id
reference_type
scores
url	http://secunia.com/advisories/30894

reference_url	http://secunia.com/advisories/31062
reference_id
reference_type
scores
url	http://secunia.com/advisories/31062

reference_url	http://secunia.com/advisories/31181
reference_id
reference_type
scores
url	http://secunia.com/advisories/31181

reference_url	http://secunia.com/advisories/31256
reference_id
reference_type
scores
url	http://secunia.com/advisories/31256

reference_url	http://secunia.com/advisories/31687
reference_id
reference_type
scores
url	http://secunia.com/advisories/31687

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43345
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43345

reference_url	https://issues.rpath.com/browse/RPL-2626
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-2626

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601

reference_url	https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
reference_id
reference_type
scores
url	https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities

reference_url	http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT2163

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html

reference_url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
reference_id
reference_type
scores
url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206

reference_url	http://www.debian.org/security/2008/dsa-1612
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1612

reference_url	http://www.debian.org/security/2008/dsa-1618
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1618

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142

reference_url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/
reference_id
reference_type
scores
url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0561.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0561.html

reference_url	http://www.ruby-forum.com/topic/157034
reference_id
reference_type
scores
url	http://www.ruby-forum.com/topic/157034

reference_url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html
reference_id
reference_type
scores
url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html

reference_url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/

reference_url	http://www.securityfocus.com/archive/1/493688/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/493688/100/0/threaded

reference_url	http://www.securityfocus.com/bid/29903
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/29903

reference_url	http://www.securitytracker.com/id?1020347
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020347

reference_url	http://www.ubuntu.com/usn/usn-621-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-621-1

reference_url	http://www.vupen.com/english/advisories/2008/1907/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1907/references

reference_url	http://www.vupen.com/english/advisories/2008/1981/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1981/references

reference_url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html
reference_id
reference_type
scores
url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=450821
reference_id	450821
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=450821

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2662

reference_id

CVE-2008-2662

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2662

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0561
reference_id	RHSA-2008:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0561

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/621-1/
reference_id	USN-621-1
reference_type
scores
url	https://usn.ubuntu.com/621-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-2662, GHSA-6wwf-x53r-5qqq, OSV-46550

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jx79-wpg7-2yaa

url VCID-mzqm-gc4w-fbfp

vulnerability_id VCID-mzqm-gc4w-fbfp

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/
reference_id
reference_type
scores
url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/

reference_url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2663

reference_id

reference_type

scores

value	0.03283
scoring_system	epss
scoring_elements	0.87322
published_at	2026-05-14T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.8713
published_at	2026-04-01T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.8714
published_at	2026-04-02T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87157
published_at	2026-04-04T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87154
published_at	2026-04-07T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87174
published_at	2026-04-08T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87182
published_at	2026-04-09T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87195
published_at	2026-04-11T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87189
published_at	2026-04-12T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87185
published_at	2026-04-13T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.872
published_at	2026-04-16T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87205
published_at	2026-04-18T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87199
published_at	2026-04-21T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87217
published_at	2026-04-24T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87223
published_at	2026-04-26T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87226
published_at	2026-04-29T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87246
published_at	2026-05-05T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87259
published_at	2026-05-07T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87278
published_at	2026-05-09T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87272
published_at	2026-05-11T12:55:00Z

value	0.03283
scoring_system	epss
scoring_elements	0.87287
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2663

reference_url	http://secunia.com/advisories/30802
reference_id
reference_type
scores
url	http://secunia.com/advisories/30802

reference_url	http://secunia.com/advisories/30831
reference_id
reference_type
scores
url	http://secunia.com/advisories/30831

reference_url	http://secunia.com/advisories/30867
reference_id
reference_type
scores
url	http://secunia.com/advisories/30867

reference_url	http://secunia.com/advisories/30875
reference_id
reference_type
scores
url	http://secunia.com/advisories/30875

reference_url	http://secunia.com/advisories/30894
reference_id
reference_type
scores
url	http://secunia.com/advisories/30894

reference_url	http://secunia.com/advisories/31062
reference_id
reference_type
scores
url	http://secunia.com/advisories/31062

reference_url	http://secunia.com/advisories/31090
reference_id
reference_type
scores
url	http://secunia.com/advisories/31090

reference_url	http://secunia.com/advisories/31181
reference_id
reference_type
scores
url	http://secunia.com/advisories/31181

reference_url	http://secunia.com/advisories/31256
reference_id
reference_type
scores
url	http://secunia.com/advisories/31256

reference_url	http://secunia.com/advisories/31687
reference_id
reference_type
scores
url	http://secunia.com/advisories/31687

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43346
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43346

reference_url	https://issues.rpath.com/browse/RPL-2626
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-2626

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524

reference_url	http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT2163

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html

reference_url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities

reference_url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
reference_id
reference_type
scores
url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206

reference_url	http://www.debian.org/security/2008/dsa-1612
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1612

reference_url	http://www.debian.org/security/2008/dsa-1618
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1618

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142

reference_url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/
reference_id
reference_type
scores
url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0561.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0561.html

reference_url	http://www.ruby-forum.com/topic/157034
reference_id
reference_type
scores
url	http://www.ruby-forum.com/topic/157034

reference_url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html
reference_id
reference_type
scores
url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html

reference_url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/

reference_url	http://www.securityfocus.com/archive/1/493688/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/493688/100/0/threaded

reference_url	http://www.securityfocus.com/bid/29903
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/29903

reference_url	http://www.securitytracker.com/id?1020347
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020347

reference_url	http://www.ubuntu.com/usn/usn-621-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-621-1

reference_url	http://www.vupen.com/english/advisories/2008/1907/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1907/references

reference_url	http://www.vupen.com/english/advisories/2008/1981/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1981/references

reference_url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html
reference_id
reference_type
scores
url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=450825
reference_id	450825
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=450825

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2663

reference_id

CVE-2008-2663

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2663

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0561
reference_id	RHSA-2008:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0561

reference_url	https://access.redhat.com/errata/RHSA-2008:0562
reference_id	RHSA-2008:0562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0562

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/621-1/
reference_id	USN-621-1
reference_type
scores
url	https://usn.ubuntu.com/621-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-2663, GHSA-8rh4-h2wx-5jpx, OSV-46551

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzqm-gc4w-fbfp

url VCID-nsa4-b31c-37g2

vulnerability_id VCID-nsa4-b31c-37g2

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2376

reference_id

reference_type

scores

value	0.11359
scoring_system	epss
scoring_elements	0.93632
published_at	2026-05-14T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93515
published_at	2026-04-01T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93524
published_at	2026-04-02T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93532
published_at	2026-04-07T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.9354
published_at	2026-04-08T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93543
published_at	2026-04-09T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93549
published_at	2026-04-13T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93569
published_at	2026-04-16T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93574
published_at	2026-04-18T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93579
published_at	2026-04-21T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93584
published_at	2026-04-24T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93583
published_at	2026-04-26T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93581
published_at	2026-04-29T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93589
published_at	2026-05-05T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93602
published_at	2026-05-07T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93613
published_at	2026-05-11T12:55:00Z

value	0.11359
scoring_system	epss
scoring_elements	0.93619
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2376

reference_url	http://secunia.com/advisories/30927
reference_id
reference_type
scores
url	http://secunia.com/advisories/30927

reference_url	http://secunia.com/advisories/31006
reference_id
reference_type
scores
url	http://secunia.com/advisories/31006

reference_url	http://secunia.com/advisories/31062
reference_id
reference_type
scores
url	http://secunia.com/advisories/31062

reference_url	http://secunia.com/advisories/31090
reference_id
reference_type
scores
url	http://secunia.com/advisories/31090

reference_url	http://secunia.com/advisories/31181
reference_id
reference_type
scores
url	http://secunia.com/advisories/31181

reference_url	http://secunia.com/advisories/31256
reference_id
reference_type
scores
url	http://secunia.com/advisories/31256

reference_url	http://secunia.com/advisories/32219
reference_id
reference_type
scores
url	http://secunia.com/advisories/32219

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://issues.rpath.com/browse/RPL-2639
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-2639

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2376

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2376

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863

reference_url	http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756
reference_id
reference_type
scores
url	http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html

reference_url	http://wiki.rpath.com/Advisories:rPSA-2008-0218
reference_id
reference_type
scores
url	http://wiki.rpath.com/Advisories:rPSA-2008-0218

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218

reference_url	http://www.debian.org/security/2008/dsa-1612
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1612

reference_url	http://www.debian.org/security/2008/dsa-1618
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1618

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142

reference_url	http://www.openwall.com/lists/oss-security/2008/07/02/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/07/02/3

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0561.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0561.html

reference_url	http://www.securityfocus.com/archive/1/494104/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/494104/100/0/threaded

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-260A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-260A.html

reference_url	http://www.vupen.com/english/advisories/2008/2584
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2584

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=453589
reference_id	453589
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=453589

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6.230:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:::::::*
reference_id	cpe:2.3:o:redhat:fedora_8:1.8.6.230:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:::::::*

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0561
reference_id	RHSA-2008:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0561

reference_url	https://access.redhat.com/errata/RHSA-2008:0562
reference_id	RHSA-2008:0562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0562

reference_url	https://usn.ubuntu.com/651-1/
reference_id	USN-651-1
reference_type
scores
url	https://usn.ubuntu.com/651-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-2376, GHSA-f7wf-fwmg-r7g3

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nsa4-b31c-37g2

url VCID-pegr-f5mh-ekdz

vulnerability_id VCID-pegr-f5mh-ekdz

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3905

reference_id

reference_type

scores

value	0.03225
scoring_system	epss
scoring_elements	0.87199
published_at	2026-05-14T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87007
published_at	2026-04-01T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87018
published_at	2026-04-02T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87037
published_at	2026-04-04T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.8703
published_at	2026-04-07T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.8705
published_at	2026-04-08T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87057
published_at	2026-04-09T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87071
published_at	2026-04-11T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87065
published_at	2026-04-12T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.8706
published_at	2026-04-13T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87076
published_at	2026-04-16T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.8708
published_at	2026-04-18T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87077
published_at	2026-04-21T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87096
published_at	2026-04-24T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87102
published_at	2026-04-29T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87122
published_at	2026-05-05T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87137
published_at	2026-05-07T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87155
published_at	2026-05-09T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.8715
published_at	2026-05-11T12:55:00Z

value	0.03225
scoring_system	epss
scoring_elements	0.87165
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3905

reference_url	http://secunia.com/advisories/31430
reference_id
reference_type
scores
url	http://secunia.com/advisories/31430

reference_url	http://secunia.com/advisories/32165
reference_id
reference_type
scores
url	http://secunia.com/advisories/32165

reference_url	http://secunia.com/advisories/32219
reference_id
reference_type
scores
url	http://secunia.com/advisories/32219

reference_url	http://secunia.com/advisories/32255
reference_id
reference_type
scores
url	http://secunia.com/advisories/32255

reference_url	http://secunia.com/advisories/32256
reference_id
reference_type
scores
url	http://secunia.com/advisories/32256

reference_url	http://secunia.com/advisories/32371
reference_id
reference_type
scores
url	http://secunia.com/advisories/32371

reference_url	http://secunia.com/advisories/32948
reference_id
reference_type
scores
url	http://secunia.com/advisories/32948

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/45935
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/45935

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3905

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3905

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html

reference_url	http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1651

reference_url	http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1652

reference_url	http://www.openwall.com/lists/oss-security/2008/09/03/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/09/03/3

reference_url	http://www.openwall.com/lists/oss-security/2008/09/04/9
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/09/04/9

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0897.html

reference_url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

reference_url	http://www.securityfocus.com/bid/31699
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/31699

reference_url	http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2334

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=461495
reference_id	461495
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=461495

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::p286::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby::p286::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::p286::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::p71::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby::p71::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::p71::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::r18423::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby::r18423::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::r18423::::::*

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0896
reference_id	RHSA-2008:0896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0896

reference_url	https://access.redhat.com/errata/RHSA-2008:0897
reference_id	RHSA-2008:0897
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0897

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/651-1/
reference_id	USN-651-1
reference_type
scores
url	https://usn.ubuntu.com/651-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-3905, GHSA-vwcj-mf69-7rfw

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pegr-f5mh-ekdz

url VCID-r8r3-3x8p-ebh5

vulnerability_id VCID-r8r3-3x8p-ebh5

summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

references

reference_url	http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca
reference_id
reference_type
scores
url	http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3790.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3790.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3790

reference_id

reference_type

scores

value	0.28838
scoring_system	epss
scoring_elements	0.96606
published_at	2026-05-14T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96523
published_at	2026-04-01T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96532
published_at	2026-04-02T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96537
published_at	2026-04-04T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96541
published_at	2026-04-07T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96549
published_at	2026-04-08T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96551
published_at	2026-04-09T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96554
published_at	2026-04-12T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96556
published_at	2026-04-13T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96563
published_at	2026-04-16T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96569
published_at	2026-04-18T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96571
published_at	2026-04-21T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96572
published_at	2026-04-24T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96573
published_at	2026-04-26T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96574
published_at	2026-04-29T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96581
published_at	2026-05-05T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96583
published_at	2026-05-07T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96589
published_at	2026-05-09T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96592
published_at	2026-05-11T12:55:00Z

value	0.28838
scoring_system	epss
scoring_elements	0.96597
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3790

reference_url	http://secunia.com/advisories/31602
reference_id
reference_type
scores
url	http://secunia.com/advisories/31602

reference_url	http://secunia.com/advisories/32165
reference_id
reference_type
scores
url	http://secunia.com/advisories/32165

reference_url	http://secunia.com/advisories/32219
reference_id
reference_type
scores
url	http://secunia.com/advisories/32219

reference_url	http://secunia.com/advisories/32255
reference_id
reference_type
scores
url	http://secunia.com/advisories/32255

reference_url	http://secunia.com/advisories/32256
reference_id
reference_type
scores
url	http://secunia.com/advisories/32256

reference_url	http://secunia.com/advisories/32371
reference_id
reference_type
scores
url	http://secunia.com/advisories/32371

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://secunia.com/advisories/33185
reference_id
reference_type
scores
url	http://secunia.com/advisories/33185

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44628
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44628

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10393
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10393

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html

reference_url	https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml

reference_url	http://weblog.rubyonrails.org/2008/9/3/rails-2-0-4-maintenance-release
reference_id
reference_type
scores
url	http://weblog.rubyonrails.org/2008/9/3/rails-2-0-4-maintenance-release

reference_url	http://www.debian.org/security/2008/dsa-1651
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1651

reference_url	http://www.debian.org/security/2008/dsa-1652
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1652

reference_url	http://www.openwall.com/lists/oss-security/2008/08/25/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/08/25/4

reference_url	http://www.openwall.com/lists/oss-security/2008/08/26/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/08/26/1

reference_url	http://www.openwall.com/lists/oss-security/2008/08/26/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/08/26/4

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0897.html

reference_url	http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/

reference_url	http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb
reference_id
reference_type
scores
url	http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb

reference_url	http://www.securityfocus.com/bid/30802
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30802

reference_url	http://www.securitytracker.com/id?1020735
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020735

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2428
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2428

reference_url	http://www.vupen.com/english/advisories/2008/2483
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2483

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=460134
reference_id	460134
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=460134

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p286::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p287::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p287::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p287::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:p72::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_id	cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:::::::*
reference_id	cpe:2.3:a:ruby-lang:ruby:1.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3790

reference_id

CVE-2008-3790

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3790

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32292.rb
reference_id	CVE-2008-3790;OSVDB-47753
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32292.rb

reference_url	https://www.securityfocus.com/bid/30802/info
reference_id	CVE-2008-3790;OSVDB-47753
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/30802/info

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0897
reference_id	RHSA-2008:0897
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0897

reference_url	https://usn.ubuntu.com/651-1/
reference_id	USN-651-1
reference_type
scores
url	https://usn.ubuntu.com/651-1/

reference_url	https://usn.ubuntu.com/691-1/
reference_id	USN-691-1
reference_type
scores
url	https://usn.ubuntu.com/691-1/

fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

aliases CVE-2008-3790, GHSA-96jc-f6m3-pf2w, OSV-47753

risk_score 9.0

exploitability 2.0

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8r3-3x8p-ebh5

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

Package Instance