{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","type":"ebuild","namespace":"dev-lang","name":"ruby","version":"1.8.6_p287-r1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.8.6_p369","latest_non_vulnerable_version":"3.2.2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40990?format=json","vulnerability_id":"VCID-4yvc-uzev-wua4","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3655.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3655","reference_id":"","reference_type":"","scores":[{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96627","published_at":"2026-04-13T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96594","published_at":"2026-04-01T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96603","published_at":"2026-04-02T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96608","published_at":"2026-04-04T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96611","published_at":"2026-04-07T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96619","published_at":"2026-04-08T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96621","published_at":"2026-04-09T12:55:00Z"},{"value":"0.29733","scoring_system":"epss","scoring_elements":"0.96624","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3655"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/31697","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31697"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32255","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32255"},{"reference_url":"http://secunia.com/advisories/32256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32256"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/32372","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32372"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44369","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44369"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11602"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264"},{"reference_url":"http://www.debian.org/security/2008/dsa-1651","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1651"},{"reference_url":"http://www.debian.org/security/2008/dsa-1652","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1652"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0895.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0895.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30644","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30644"},{"reference_url":"http://www.securitytracker.com/id?1020656","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020656"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458948","reference_id":"458948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458948"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3655","reference_id":"CVE-2008-3655","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3655"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb","reference_id":"CVE-2008-3655;OSVDB-47470","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32224.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb","reference_id":"CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32223.rb"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0895","reference_id":"RHSA-2008:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0896","reference_id":"RHSA-2008:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-3655","GHSA-p524-ppf2-w36w"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvc-uzev-wua4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40987?format=json","vulnerability_id":"VCID-5bte-uex2-f7du","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2664.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2664","reference_id":"","reference_type":"","scores":[{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90922","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90872","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90877","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90887","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90897","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90908","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90915","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06265","scoring_system":"epss","scoring_elements":"0.90924","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2664"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43348","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43348"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=450834","reference_id":"450834","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=450834"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2664","reference_id":"CVE-2008-2664","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2664"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-2664","GHSA-c4h6-p7gp-39x2","OSV-46552"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bte-uex2-f7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31420?format=json","vulnerability_id":"VCID-8fbf-8fea-27d9","summary":"Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n    spoofing of DNS replies.","references":[{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc"},{"reference_url":"http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html","reference_id":"","reference_type":"","scores":[],"url":"http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"},{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"},{"reference_url":"http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=121630706004256&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=121630706004256&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=121866517322103&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=121866517322103&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=123324863916385&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=123324863916385&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141879471518471&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141879471518471&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2008-0533.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2008-0533.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1447","reference_id":"","reference_type":"","scores":[{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99423","published_at":"2026-04-13T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99422","published_at":"2026-04-11T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99417","published_at":"2026-04-01T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99416","published_at":"2026-04-02T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99418","published_at":"2026-04-07T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99419","published_at":"2026-04-08T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.9942","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447"},{"reference_url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037","reference_id":"","reference_type":"","scores":[],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"},{"reference_url":"http://secunia.com/advisories/30925","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30925"},{"reference_url":"http://secunia.com/advisories/30973","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30973"},{"reference_url":"http://secunia.com/advisories/30977","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30977"},{"reference_url":"http://secunia.com/advisories/30979","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30979"},{"reference_url":"http://secunia.com/advisories/30980","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30980"},{"reference_url":"http://secunia.com/advisories/30988","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30988"},{"reference_url":"http://secunia.com/advisories/30989","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30989"},{"reference_url":"http://secunia.com/advisories/30998","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30998"},{"reference_url":"http://secunia.com/advisories/31011","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31011"},{"reference_url":"http://secunia.com/advisories/31012","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31012"},{"reference_url":"http://secunia.com/advisories/31014","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31014"},{"reference_url":"http://secunia.com/advisories/31019","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31019"},{"reference_url":"http://secunia.com/advisories/31022","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31022"},{"reference_url":"http://secunia.com/advisories/31030","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31030"},{"reference_url":"http://secunia.com/advisories/31031","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31031"},{"reference_url":"http://secunia.com/advisories/31033","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31033"},{"reference_url":"http://secunia.com/advisories/31052","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31052"},{"reference_url":"http://secunia.com/advisories/31065","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31065"},{"reference_url":"http://secunia.com/advisories/31072","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31072"},{"reference_url":"http://secunia.com/advisories/31093","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31093"},{"reference_url":"http://secunia.com/advisories/31094","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31094"},{"reference_url":"http://secunia.com/advisories/31137","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31137"},{"reference_url":"http://secunia.com/advisories/31143","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31143"},{"reference_url":"http://secunia.com/advisories/31151","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31151"},{"reference_url":"http://secunia.com/advisories/31152","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31152"},{"reference_url":"http://secunia.com/advisories/31153","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31153"},{"reference_url":"http://secunia.com/advisories/31169","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31169"},{"reference_url":"http://secunia.com/advisories/31197","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31197"},{"reference_url":"http://secunia.com/advisories/31199","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31199"},{"reference_url":"http://secunia.com/advisories/31204","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31204"},{"reference_url":"http://secunia.com/advisories/31207","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31207"},{"reference_url":"http://secunia.com/advisories/31209","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31209"},{"reference_url":"http://secunia.com/advisories/31212","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31212"},{"reference_url":"http://secunia.com/advisories/31213","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31213"},{"reference_url":"http://secunia.com/advisories/31221","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31221"},{"reference_url":"http://secunia.com/advisories/31236","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31236"},{"reference_url":"http://secunia.com/advisories/31237","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31237"},{"reference_url":"http://secunia.com/advisories/31254","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31254"},{"reference_url":"http://secunia.com/advisories/31326","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31326"},{"reference_url":"http://secunia.com/advisories/31354","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31354"},{"reference_url":"http://secunia.com/advisories/31422","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31422"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/31451","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31451"},{"reference_url":"http://secunia.com/advisories/31482","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31482"},{"reference_url":"http://secunia.com/advisories/31495","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31495"},{"reference_url":"http://secunia.com/advisories/31588","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31588"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/31823","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31823"},{"reference_url":"http://secunia.com/advisories/31882","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31882"},{"reference_url":"http://secunia.com/advisories/31900","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31900"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/33714","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33714"},{"reference_url":"http://secunia.com/advisories/33786","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33786"},{"reference_url":"http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc","reference_id":"","reference_type":"","scores":[],"url":"http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200807-08.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200807-08.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-25.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-25.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43334","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43637","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"},{"reference_url":"http://support.apple.com/kb/HT3026","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3026"},{"reference_url":"http://support.apple.com/kb/HT3129","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3129"},{"reference_url":"http://support.citrix.com/article/CTX117991","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX117991"},{"reference_url":"http://support.citrix.com/article/CTX118183","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX118183"},{"reference_url":"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152","reference_id":"","reference_type":"","scores":[],"url":"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152"},{"reference_url":"https://www.exploit-db.com/exploits/6122","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6122"},{"reference_url":"https://www.exploit-db.com/exploits/6123","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6123"},{"reference_url":"https://www.exploit-db.com/exploits/6130","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6130"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://up2date.astaro.com/2008/08/up2date_7202_released.html","reference_id":"","reference_type":"","scores":[],"url":"http://up2date.astaro.com/2008/08/up2date_7202_released.html"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018"},{"reference_url":"http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning","reference_id":"","reference_type":"","scores":[],"url":"http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"},{"reference_url":"http://www.caughq.org/exploits/CAU-EX-2008-0002.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.caughq.org/exploits/CAU-EX-2008-0002.txt"},{"reference_url":"http://www.caughq.org/exploits/CAU-EX-2008-0003.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.caughq.org/exploits/CAU-EX-2008-0003.txt"},{"reference_url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml","reference_id":"","reference_type":"","scores":[],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml"},{"reference_url":"http://www.debian.org/security/2008/dsa-1603","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1603"},{"reference_url":"http://www.debian.org/security/2008/dsa-1604","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1604"},{"reference_url":"http://www.debian.org/security/2008/dsa-1605","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1605"},{"reference_url":"http://www.debian.org/security/2008/dsa-1619","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1619"},{"reference_url":"http://www.debian.org/security/2008/dsa-1623","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1623"},{"reference_url":"http://www.doxpara.com/DMK_BO2K8.ppt","reference_id":"","reference_type":"","scores":[],"url":"http://www.doxpara.com/DMK_BO2K8.ppt"},{"reference_url":"http://www.doxpara.com/?p=1176","reference_id":"","reference_type":"","scores":[],"url":"http://www.doxpara.com/?p=1176"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26667","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26667"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26668","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26668"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26669","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26669"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26670","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26670"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26671","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26671"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26672","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26672"},{"reference_url":"http://www.ipcop.org/index.php?name=News&file=article&sid=40","reference_id":"","reference_type":"","scores":[],"url":"http://www.ipcop.org/index.php?name=News&file=article&sid=40"},{"reference_url":"http://www.isc.org/index.pl?/sw/bind/bind-security.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.isc.org/index.pl?/sw/bind/bind-security.php"},{"reference_url":"http://www.kb.cert.org/vuls/id/800113","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/800113"},{"reference_url":"http://www.kb.cert.org/vuls/id/MIMG-7DWR4J","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/MIMG-7DWR4J"},{"reference_url":"http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:139","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:139"},{"reference_url":"http://www.nominum.com/asset_upload_file741_2661.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://www.nominum.com/asset_upload_file741_2661.pdf"},{"reference_url":"http://www.novell.com/support/viewContent.do?externalId=7000912","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/support/viewContent.do?externalId=7000912"},{"reference_url":"http://www.openbsd.org/errata42.html#013_bind","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/errata42.html#013_bind"},{"reference_url":"http://www.openbsd.org/errata43.html#004_bind","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/errata43.html#004_bind"},{"reference_url":"http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog","reference_id":"","reference_type":"","scores":[],"url":"http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"},{"reference_url":"http://www.phys.uu.nl/~rombouts/pdnsd.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.phys.uu.nl/~rombouts/pdnsd.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0789.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0789.html"},{"reference_url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/archive/1/495289/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495289/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/495869/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495869/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30131"},{"reference_url":"http://www.securitytracker.com/id?1020437","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020437"},{"reference_url":"http://www.securitytracker.com/id?1020438","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020438"},{"reference_url":"http://www.securitytracker.com/id?1020440","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020440"},{"reference_url":"http://www.securitytracker.com/id?1020448","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020448"},{"reference_url":"http://www.securitytracker.com/id?1020449","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020449"},{"reference_url":"http://www.securitytracker.com/id?1020548","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020548"},{"reference_url":"http://www.securitytracker.com/id?1020558","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020558"},{"reference_url":"http://www.securitytracker.com/id?1020560","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020560"},{"reference_url":"http://www.securitytracker.com/id?1020561","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020561"},{"reference_url":"http://www.securitytracker.com/id?1020575","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020575"},{"reference_url":"http://www.securitytracker.com/id?1020576","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020576"},{"reference_url":"http://www.securitytracker.com/id?1020577","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020577"},{"reference_url":"http://www.securitytracker.com/id?1020578","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020578"},{"reference_url":"http://www.securitytracker.com/id?1020579","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020579"},{"reference_url":"http://www.securitytracker.com/id?1020651","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020651"},{"reference_url":"http://www.securitytracker.com/id?1020653","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020653"},{"reference_url":"http://www.securitytracker.com/id?1020702","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020702"},{"reference_url":"http://www.securitytracker.com/id?1020802","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020802"},{"reference_url":"http://www.securitytracker.com/id?1020804","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020804"},{"reference_url":"http://www.ubuntu.com/usn/usn-622-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-622-1"},{"reference_url":"http://www.ubuntu.com/usn/usn-627-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-627-1"},{"reference_url":"http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-190A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-190A.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-190B.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-190B.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2008-0014.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/security/advisories/VMSA-2008-0014.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2019/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2019/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2023/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2023/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2025/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2025/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2029/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2029/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2030/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2030/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2050/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2050/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2051/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2051/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2052/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2052/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2055/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2055/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2092/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2092/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2113/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2113/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2114/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2114/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2123/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2123/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2139/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2139/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2166/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2166/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2195/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2195/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2196/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2196/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2197/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2197/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2268","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2268"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2291","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2291"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2342","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2342"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2377","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2377"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2383","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2383"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2384","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2384"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2466","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2466"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2467","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2467"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2482","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2482"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2525","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2525"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2549","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2549"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2558","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2558"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2582","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2582"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2584","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2584"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0297"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0311","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0311"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0622","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/0622"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=449345","reference_id":"449345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=449345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123","reference_id":"490123","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465","reference_id":"492465","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698","reference_id":"492698","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700","reference_id":"492700","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599","reference_id":"493599","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1447","reference_id":"CVE-2008-1447","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1447"},{"reference_url":"https://security.gentoo.org/glsa/200807-08","reference_id":"GLSA-200807-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-08"},{"reference_url":"https://security.gentoo.org/glsa/200809-02","reference_id":"GLSA-200809-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200809-02"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://security.gentoo.org/glsa/200901-03","reference_id":"GLSA-200901-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200901-03"},{"reference_url":"https://security.gentoo.org/glsa/201209-25","reference_id":"GLSA-201209-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-25"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0533","reference_id":"RHSA-2008:0533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0789","reference_id":"RHSA-2008:0789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0789"},{"reference_url":"https://usn.ubuntu.com/622-1/","reference_id":"USN-622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/622-1/"},{"reference_url":"https://usn.ubuntu.com/627-1/","reference_id":"USN-627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/627-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-1447"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbf-8fea-27d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40988?format=json","vulnerability_id":"VCID-9gp6-pvw1-ufhs","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2725","reference_id":"","reference_type":"","scores":[{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85315","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.8532","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0249","scoring_system":"epss","scoring_elements":"0.85318","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86897","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86917","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86873","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86884","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03164","scoring_system":"epss","scoring_elements":"0.86902","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2725"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43350","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43350"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=451821","reference_id":"451821","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=451821"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2725","reference_id":"CVE-2008-2725","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2725"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-2725","GHSA-924x-9756-qq8p","OSV-46553"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9gp6-pvw1-ufhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40992?format=json","vulnerability_id":"VCID-a15m-bcma-vfa7","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3656.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3656","reference_id":"","reference_type":"","scores":[{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98626","published_at":"2026-04-13T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98611","published_at":"2026-04-01T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98613","published_at":"2026-04-02T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98616","published_at":"2026-04-04T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98618","published_at":"2026-04-07T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.9862","published_at":"2026-04-08T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98622","published_at":"2026-04-09T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98624","published_at":"2026-04-11T12:55:00Z"},{"value":"0.68786","scoring_system":"epss","scoring_elements":"0.98625","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3656"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/31697","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31697"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32255","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32255"},{"reference_url":"http://secunia.com/advisories/32256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32256"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44371","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44371"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3656","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3656"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264"},{"reference_url":"http://www.debian.org/security/2008/dsa-1651","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1651"},{"reference_url":"http://www.debian.org/security/2008/dsa-1652","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1652"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30644","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30644"},{"reference_url":"http://www.securitytracker.com/id?1020654","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020654"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458953","reference_id":"458953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458953"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://www.securityfocus.com/bid/30644/info","reference_id":"CVE-2008-3657;OSVDB-47472;CVE-2008-3655;OSVDB-47470","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/30644/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb","reference_id":"CVE-2008-4310;OSVDB-47471;CVE-2008-3656","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/32222.rb"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-3656","GHSA-823x-6r7f-v9x6"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a15m-bcma-vfa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40989?format=json","vulnerability_id":"VCID-c9sy-czbr-tfer","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2726.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2726","reference_id":"","reference_type":"","scores":[{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86154","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86159","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02819","scoring_system":"epss","scoring_elements":"0.86158","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02858","scoring_system":"epss","scoring_elements":"0.86225","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02858","scoring_system":"epss","scoring_elements":"0.86182","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02858","scoring_system":"epss","scoring_elements":"0.86192","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02858","scoring_system":"epss","scoring_elements":"0.86206","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2726"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43351","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43351"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460","reference_id":"","reference_type":"","scores":[],"url":"http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=451828","reference_id":"451828","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=451828"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2726","reference_id":"CVE-2008-2726","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2726"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-2726","GHSA-v2mw-g73g-923h","OSV-46554"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c9sy-czbr-tfer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40993?format=json","vulnerability_id":"VCID-fw7k-88kf-1kgg","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3657.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3657","reference_id":"","reference_type":"","scores":[{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.9584","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95804","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95813","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95821","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95832","published_at":"2026-04-08T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95836","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22517","scoring_system":"epss","scoring_elements":"0.95839","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3657"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/31697","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31697"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32255","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32255"},{"reference_url":"http://secunia.com/advisories/32256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32256"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44372","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44372"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3657","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3657"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264"},{"reference_url":"http://www.debian.org/security/2008/dsa-1651","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1651"},{"reference_url":"http://www.debian.org/security/2008/dsa-1652","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1652"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495884/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30644","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30644"},{"reference_url":"http://www.securitytracker.com/id?1020652","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020652"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458966","reference_id":"458966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458966"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-3657","GHSA-5f6v-fgcw-j5px"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fw7k-88kf-1kgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40985?format=json","vulnerability_id":"VCID-jx79-wpg7-2yaa","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2662.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2662","reference_id":"","reference_type":"","scores":[{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86037","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.85973","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.85985","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.8602","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.8603","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86044","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86042","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2662"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43345","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43345"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601"},{"reference_url":"https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=450821","reference_id":"450821","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=450821"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2662","reference_id":"CVE-2008-2662","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2662"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-2662","GHSA-6wwf-x53r-5qqq","OSV-46550"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jx79-wpg7-2yaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40986?format=json","vulnerability_id":"VCID-mzqm-gc4w-fbfp","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2663.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2663","reference_id":"","reference_type":"","scores":[{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.8713","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.8714","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87154","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87174","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87182","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87195","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03283","scoring_system":"epss","scoring_elements":"0.87189","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2663"},{"reference_url":"http://secunia.com/advisories/30802","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30802"},{"reference_url":"http://secunia.com/advisories/30831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30831"},{"reference_url":"http://secunia.com/advisories/30867","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30867"},{"reference_url":"http://secunia.com/advisories/30875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30875"},{"reference_url":"http://secunia.com/advisories/30894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30894"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43346","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43346"},{"reference_url":"https://issues.rpath.com/browse/RPL-2626","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2626"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524"},{"reference_url":"http://support.apple.com/kb/HT2163","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT2163"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities"},{"reference_url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.ruby-forum.com/topic/157034","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-forum.com/topic/157034"},{"reference_url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"},{"reference_url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/493688/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29903","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29903"},{"reference_url":"http://www.securitytracker.com/id?1020347","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020347"},{"reference_url":"http://www.ubuntu.com/usn/usn-621-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-621-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1907/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1907/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1981/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1981/references"},{"reference_url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=450825","reference_id":"450825","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=450825"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2663","reference_id":"CVE-2008-2663","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2663"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://usn.ubuntu.com/621-1/","reference_id":"USN-621-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/621-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-2663","GHSA-8rh4-h2wx-5jpx","OSV-46551"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzqm-gc4w-fbfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40984?format=json","vulnerability_id":"VCID-nsa4-b31c-37g2","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2376.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2376","reference_id":"","reference_type":"","scores":[{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93532","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93549","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93524","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93515","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.9354","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11359","scoring_system":"epss","scoring_elements":"0.93543","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2376"},{"reference_url":"http://secunia.com/advisories/30927","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30927"},{"reference_url":"http://secunia.com/advisories/31006","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31006"},{"reference_url":"http://secunia.com/advisories/31062","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31062"},{"reference_url":"http://secunia.com/advisories/31090","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31090"},{"reference_url":"http://secunia.com/advisories/31181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31181"},{"reference_url":"http://secunia.com/advisories/31256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31256"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://issues.rpath.com/browse/RPL-2639","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-2639"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2376","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2376"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863"},{"reference_url":"http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756","reference_id":"","reference_type":"","scores":[],"url":"http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2008-0218","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2008-0218"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218"},{"reference_url":"http://www.debian.org/security/2008/dsa-1612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1612"},{"reference_url":"http://www.debian.org/security/2008/dsa-1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1618"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/07/02/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/07/02/3"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0561.html"},{"reference_url":"http://www.securityfocus.com/archive/1/494104/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/494104/100/0/threaded"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2584","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=453589","reference_id":"453589","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=453589"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6.230:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_8:1.8.6.230:*:*:*:*:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0561","reference_id":"RHSA-2008:0561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0562","reference_id":"RHSA-2008:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0562"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-2376","GHSA-f7wf-fwmg-r7g3"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nsa4-b31c-37g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40996?format=json","vulnerability_id":"VCID-pegr-f5mh-ekdz","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3905.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3905","reference_id":"","reference_type":"","scores":[{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.8706","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87007","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87018","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87037","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.8703","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.8705","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87057","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03225","scoring_system":"epss","scoring_elements":"0.87065","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3905"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32255","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32255"},{"reference_url":"http://secunia.com/advisories/32256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32256"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/32948","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32948"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45935","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45935"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3905","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3905"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10034"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"http://www.debian.org/security/2008/dsa-1651","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1651"},{"reference_url":"http://www.debian.org/security/2008/dsa-1652","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1652"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/09/03/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/09/03/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/09/04/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/09/04/9"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/bid/31699","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31699"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=461495","reference_id":"461495","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=461495"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p286:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:*:r18423:*:*:*:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0896","reference_id":"RHSA-2008:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-3905","GHSA-vwcj-mf69-7rfw"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pegr-f5mh-ekdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40995?format=json","vulnerability_id":"VCID-r8r3-3x8p-ebh5","summary":"Multiple vulnerabilities have been discovered in Ruby that allow for\n    attacks including arbitrary code execution and Denial of Service.","references":[{"reference_url":"http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca","reference_id":"","reference_type":"","scores":[],"url":"http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3790.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3790.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3790","reference_id":"","reference_type":"","scores":[{"value":"0.28838","scoring_system":"epss","scoring_elements":"0.96556","published_at":"2026-04-13T12:55:00Z"},{"value":"0.28838","scoring_system":"epss","scoring_elements":"0.96523","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28838","scoring_system":"epss","scoring_elements":"0.96532","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28838","scoring_system":"epss","scoring_elements":"0.96537","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28838","scoring_system":"epss","scoring_elements":"0.96541","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28838","scoring_system":"epss","scoring_elements":"0.96549","published_at":"2026-04-08T12:55:00Z"},{"value":"0.28838","scoring_system":"epss","scoring_elements":"0.96551","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28838","scoring_system":"epss","scoring_elements":"0.96554","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3790"},{"reference_url":"http://secunia.com/advisories/31602","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31602"},{"reference_url":"http://secunia.com/advisories/32165","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32165"},{"reference_url":"http://secunia.com/advisories/32219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32219"},{"reference_url":"http://secunia.com/advisories/32255","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32255"},{"reference_url":"http://secunia.com/advisories/32256","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32256"},{"reference_url":"http://secunia.com/advisories/32371","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32371"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/33185","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33185"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44628","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44628"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10393","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10393"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml"},{"reference_url":"http://weblog.rubyonrails.org/2008/9/3/rails-2-0-4-maintenance-release","reference_id":"","reference_type":"","scores":[],"url":"http://weblog.rubyonrails.org/2008/9/3/rails-2-0-4-maintenance-release"},{"reference_url":"http://www.debian.org/security/2008/dsa-1651","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1651"},{"reference_url":"http://www.debian.org/security/2008/dsa-1652","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1652"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/25/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/25/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/26/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/26/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/26/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/26/4"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0897.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/"},{"reference_url":"http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/security/20080823rexml/rexml-expansion-fix.rb"},{"reference_url":"http://www.securityfocus.com/bid/30802","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30802"},{"reference_url":"http://www.securitytracker.com/id?1020735","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020735"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2428","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2428"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2483","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2483"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=460134","reference_id":"460134","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=460134"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p111:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p230:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p286:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p287:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p287:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p287:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:p36:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3790","reference_id":"CVE-2008-3790","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3790"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32292.rb","reference_id":"CVE-2008-3790;OSVDB-47753","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32292.rb"},{"reference_url":"https://www.securityfocus.com/bid/30802/info","reference_id":"CVE-2008-3790;OSVDB-47753","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/30802/info"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0897","reference_id":"RHSA-2008:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0897"},{"reference_url":"https://usn.ubuntu.com/651-1/","reference_id":"USN-651-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/651-1/"},{"reference_url":"https://usn.ubuntu.com/691-1/","reference_id":"USN-691-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/691-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75581?format=json","purl":"pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}],"aliases":["CVE-2008-3790","GHSA-96jc-f6m3-pf2w","OSV-47753"],"risk_score":9.0,"exploitability":"2.0","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8r3-3x8p-ebh5"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1"}