{"url":"http://public2.vulnerablecode.io/api/packages/938326?format=json","purl":"pkg:deb/debian/ruby-rack@1.4.1-2.1?distro=trixie","type":"deb","namespace":"debian","name":"ruby-rack","version":"1.4.1-2.1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.5.2-4","latest_non_vulnerable_version":"3.2.6-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6771?format=json","vulnerability_id":"VCID-35e6-cpn8-w7h1","summary":"Symlink path traversal in Rack::File\nAffected versions allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka \"symlink path traversals.\"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0262.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0262.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0262","reference_id":"","reference_type":"","scores":[{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79407","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79409","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79377","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79388","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79403","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.7938","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79345","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79329","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79335","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79579","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79472","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79503","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.7951","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79525","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.7954","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79561","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0262"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=909071","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=909071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=909072","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=909072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262"},{"reference_url":"http://secunia.com/advisories/52033","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52033"},{"reference_url":"https://gist.github.com/rentzsch/4736940","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gist.github.com/rentzsch/4736940"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/blob/master/lib/rack/file.rb#L56","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/blob/master/lib/rack/file.rb#L56"},{"reference_url":"https://github.com/rack/rack/commit/6f237e4c9fab649d3750482514f0fde76c56ab30","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/6f237e4c9fab649d3750482514f0fde76c56ab30"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0262.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0262.yml"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0262","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0262"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700173","reference_id":"700173","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700173"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-85r7-w5mv-c849","reference_id":"GHSA-85r7-w5mv-c849","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-85r7-w5mv-c849"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/938326?format=json","purl":"pkg:deb/debian/ruby-rack@1.4.1-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@1.4.1-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938322?format=json","purl":"pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938320?format=json","purl":"pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938325?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938323?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9rpp-9xss-duf6"},{"vulnerability":"VCID-skxv-7he3-xqgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938324?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.5-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059652?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie"}],"aliases":["CVE-2013-0262","GHSA-85r7-w5mv-c849","OSV-89938"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35e6-cpn8-w7h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6786?format=json","vulnerability_id":"VCID-91xe-ev7t-akb9","summary":"Uncontrolled Resource Consumption\nlib/rack/multipart.rb in Rack  uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header.","references":[{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-6109","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-6109"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6109","reference_id":"","reference_type":"","scores":[{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74634","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74503","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74524","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74497","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74535","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74542","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.7457","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74577","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74576","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74578","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74608","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.7445","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74454","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.7448","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74455","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74487","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6109"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895277","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/blob/master/README.rdoc","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/blob/master/README.rdoc"},{"reference_url":"https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440","reference_id":"698440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6109","reference_id":"CVE-2012-6109","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6109"},{"reference_url":"https://github.com/advisories/GHSA-h77x-m5q8-c29h","reference_id":"GHSA-h77x-m5q8-c29h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h77x-m5q8-c29h"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/938326?format=json","purl":"pkg:deb/debian/ruby-rack@1.4.1-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@1.4.1-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938322?format=json","purl":"pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938320?format=json","purl":"pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938325?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938323?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9rpp-9xss-duf6"},{"vulnerability":"VCID-skxv-7he3-xqgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938324?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.5-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059652?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie"}],"aliases":["CVE-2012-6109","GHSA-h77x-m5q8-c29h","OSV-89317"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91xe-ev7t-akb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6788?format=json","vulnerability_id":"VCID-9uh8-upzm-7bgd","summary":"Uncontrolled Resource Consumption\nUnspecified vulnerability in Rack::Auth::AbstractRequest in Rack  allows remote attackers to cause a denial of service via unknown vectors related to \"symbolized arbitrary strings.\"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0548","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0548"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0184","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0184"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0184","reference_id":"","reference_type":"","scores":[{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71649","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71552","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.7153","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71581","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71589","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71593","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71579","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71614","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71463","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.7147","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71487","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.7146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.715","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71535","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71519","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71501","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71547","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0184"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895384","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d"},{"reference_url":"http://www.debian.org/security/2013/dsa-2783","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2783"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440","reference_id":"698440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0184","reference_id":"CVE-2013-0184","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0184"},{"reference_url":"https://github.com/advisories/GHSA-v882-ccj6-jc48","reference_id":"GHSA-v882-ccj6-jc48","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v882-ccj6-jc48"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/938326?format=json","purl":"pkg:deb/debian/ruby-rack@1.4.1-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@1.4.1-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938322?format=json","purl":"pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938320?format=json","purl":"pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938325?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938323?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9rpp-9xss-duf6"},{"vulnerability":"VCID-skxv-7he3-xqgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938324?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.5-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059652?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie"}],"aliases":["CVE-2013-0184","GHSA-v882-ccj6-jc48","OSV-89327"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9uh8-upzm-7bgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6789?format=json","vulnerability_id":"VCID-teq8-nqhf-xbbq","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nmultipart/parser.rb in Rack allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rack.github.com","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rack.github.com"},{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0183","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0183"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0183","reference_id":"","reference_type":"","scores":[{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.8302","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82868","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82874","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.8289","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82885","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82881","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.8292","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82921","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82924","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82944","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82954","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82958","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82979","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82999","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82816","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82846","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82842","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0183"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895282","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff"},{"reference_url":"https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml"},{"reference_url":"https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs"},{"reference_url":"https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI"},{"reference_url":"https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs"},{"reference_url":"https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI"},{"reference_url":"http://www.debian.org/security/2013/dsa-2783","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2783"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440","reference_id":"698440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0183","reference_id":"CVE-2013-0183","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0183"},{"reference_url":"https://github.com/advisories/GHSA-3pxh-h8hw-mj8w","reference_id":"GHSA-3pxh-h8hw-mj8w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3pxh-h8hw-mj8w"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/938326?format=json","purl":"pkg:deb/debian/ruby-rack@1.4.1-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@1.4.1-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938322?format=json","purl":"pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938320?format=json","purl":"pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938325?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938323?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9rpp-9xss-duf6"},{"vulnerability":"VCID-skxv-7he3-xqgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938324?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.5-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059652?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie"}],"aliases":["CVE-2013-0183","GHSA-3pxh-h8hw-mj8w","OSV-89320"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-teq8-nqhf-xbbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6770?format=json","vulnerability_id":"VCID-y12d-fjpf-uubh","summary":"Timing attack against Rack::Session::Cookie\nAffected versions allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving am HMAC comparison function that does not run in constant time.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0686.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0686.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0263","reference_id":"","reference_type":"","scores":[{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.9245","published_at":"2026-04-16T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92439","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92441","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92438","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92432","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92428","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92416","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92413","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92398","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92405","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92449","published_at":"2026-04-18T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94831","published_at":"2026-05-09T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94801","published_at":"2026-04-21T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94802","published_at":"2026-04-24T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94804","published_at":"2026-04-26T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94805","published_at":"2026-04-29T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94813","published_at":"2026-05-05T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94821","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0263"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=909071","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=909071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263"},{"reference_url":"http://secunia.com/advisories/52033","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52033"},{"reference_url":"http://secunia.com/advisories/52134","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52134"},{"reference_url":"http://secunia.com/advisories/52774","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52774"},{"reference_url":"https://gist.github.com/codahale/f9f3781f7b54985bee94","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gist.github.com/codahale/f9f3781f7b54985bee94"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07"},{"reference_url":"https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11"},{"reference_url":"https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0263","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0263"},{"reference_url":"https://puppet.com/security/cve/cve-2013-0263","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2013-0263"},{"reference_url":"https://twitter.com/coda/statuses/299732877745197056","reference_id":"","reference_type":"","scores":[],"url":"https://twitter.com/coda/statuses/299732877745197056"},{"reference_url":"http://www.debian.org/security/2013/dsa-2783","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2783"},{"reference_url":"http://www.osvdb.org/89939","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/89939"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226","reference_id":"700226","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-xc85-32mf-xpv8","reference_id":"GHSA-xc85-32mf-xpv8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc85-32mf-xpv8"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0686","reference_id":"RHSA-2013:0686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0686"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/938326?format=json","purl":"pkg:deb/debian/ruby-rack@1.4.1-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@1.4.1-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938322?format=json","purl":"pkg:deb/debian/ruby-rack@2.1.4-3%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.1.4-3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938320?format=json","purl":"pkg:deb/debian/ruby-rack@2.2.20-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@2.2.20-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938325?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938323?format=json","purl":"pkg:deb/debian/ruby-rack@3.1.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9rpp-9xss-duf6"},{"vulnerability":"VCID-skxv-7he3-xqgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.1.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938324?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.5-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j61-5e8x-7fbd"},{"vulnerability":"VCID-2p73-rc9t-rudb"},{"vulnerability":"VCID-2qba-a6bp-ryak"},{"vulnerability":"VCID-5twm-pqc2-xyfn"},{"vulnerability":"VCID-dh75-6jyw-1ke2"},{"vulnerability":"VCID-j34j-bgfd-8fez"},{"vulnerability":"VCID-jg77-mm5c-gydu"},{"vulnerability":"VCID-m98a-mcyb-c7fm"},{"vulnerability":"VCID-metf-cghw-p3b5"},{"vulnerability":"VCID-p3dk-p1gb-kkem"},{"vulnerability":"VCID-pbu7-4hdm-s3a6"},{"vulnerability":"VCID-pnz8-yes1-pfc7"},{"vulnerability":"VCID-wvs1-dhwp-ebat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059652?format=json","purl":"pkg:deb/debian/ruby-rack@3.2.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@3.2.6-2%3Fdistro=trixie"}],"aliases":["CVE-2013-0263","GHSA-xc85-32mf-xpv8","OSV-89939"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y12d-fjpf-uubh"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-rack@1.4.1-2.1%3Fdistro=trixie"}