{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10299?format=json","vulnerability_id":"VCID-q6zt-ft1w-8ka1","summary":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nDirectory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter.","aliases":[{"alias":"CVE-2012-2139"},{"alias":"GHSA-cj92-c4fj-w9c5"},{"alias":"OSV-81631"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/206174?format=json","purl":"pkg:deb/debian/ruby-mail@2.4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/206175?format=json","purl":"pkg:deb/debian/ruby-mail@2.7.1%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.7.1%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/206173?format=json","purl":"pkg:deb/debian/ruby-mail@2.7.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.7.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/206177?format=json","purl":"pkg:deb/debian/ruby-mail@2.8.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.8.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/206176?format=json","purl":"pkg:deb/debian/ruby-mail@2.9.0%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby-mail@2.9.0%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/50171?format=json","purl":"pkg:gem/mail@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-pgqp-64zv-8fc3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.4.4"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85420?format=json","purl":"pkg:gem/mail@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/85421?format=json","purl":"pkg:gem/mail@1.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/85422?format=json","purl":"pkg:gem/mail@1.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85423?format=json","purl":"pkg:gem/mail@1.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/85424?format=json","purl":"pkg:gem/mail@1.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/85425?format=json","purl":"pkg:gem/mail@1.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/85426?format=json","purl":"pkg:gem/mail@1.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/85427?format=json","purl":"pkg:gem/mail@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/85428?format=json","purl":"pkg:gem/mail@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85429?format=json","purl":"pkg:gem/mail@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/85430?format=json","purl":"pkg:gem/mail@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/85431?format=json","purl":"pkg:gem/mail@1.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/85432?format=json","purl":"pkg:gem/mail@1.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/85433?format=json","purl":"pkg:gem/mail@1.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/85434?format=json","purl":"pkg:gem/mail@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85435?format=json","purl":"pkg:gem/mail@1.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/85436?format=json","purl":"pkg:gem/mail@1.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/85437?format=json","purl":"pkg:gem/mail@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/85438?format=json","purl":"pkg:gem/mail@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85439?format=json","purl":"pkg:gem/mail@1.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/85440?format=json","purl":"pkg:gem/mail@1.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/85441?format=json","purl":"pkg:gem/mail@1.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/85442?format=json","purl":"pkg:gem/mail@1.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@1.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/85443?format=json","purl":"pkg:gem/mail@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/85444?format=json","purl":"pkg:gem/mail@2.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/85445?format=json","purl":"pkg:gem/mail@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/85446?format=json","purl":"pkg:gem/mail@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85447?format=json","purl":"pkg:gem/mail@2.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/85448?format=json","purl":"pkg:gem/mail@2.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/85449?format=json","purl":"pkg:gem/mail@2.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/85450?format=json","purl":"pkg:gem/mail@2.1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85451?format=json","purl":"pkg:gem/mail@2.1.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/85452?format=json","purl":"pkg:gem/mail@2.1.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.1.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/85453?format=json","purl":"pkg:gem/mail@2.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/85454?format=json","purl":"pkg:gem/mail@2.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85455?format=json","purl":"pkg:gem/mail@2.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/85456?format=json","purl":"pkg:gem/mail@2.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/85457?format=json","purl":"pkg:gem/mail@2.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/85458?format=json","purl":"pkg:gem/mail@2.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/85459?format=json","purl":"pkg:gem/mail@2.2.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85460?format=json","purl":"pkg:gem/mail@2.2.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/85461?format=json","purl":"pkg:gem/mail@2.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/85462?format=json","purl":"pkg:gem/mail@2.2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85463?format=json","purl":"pkg:gem/mail@2.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/85464?format=json","purl":"pkg:gem/mail@2.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/85465?format=json","purl":"pkg:gem/mail@2.2.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/85466?format=json","purl":"pkg:gem/mail@2.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.10"},{"url":"http://public2.vulnerablecode.io/api/packages/85467?format=json","purl":"pkg:gem/mail@2.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.11"},{"url":"http://public2.vulnerablecode.io/api/packages/85468?format=json","purl":"pkg:gem/mail@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.12"},{"url":"http://public2.vulnerablecode.io/api/packages/85469?format=json","purl":"pkg:gem/mail@2.2.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.13"},{"url":"http://public2.vulnerablecode.io/api/packages/50093?format=json","purl":"pkg:gem/mail@2.2.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-gskv-mehm-gydz"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.14"},{"url":"http://public2.vulnerablecode.io/api/packages/50094?format=json","purl":"pkg:gem/mail@2.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/103135?format=json","purl":"pkg:gem/mail@2.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.16"},{"url":"http://public2.vulnerablecode.io/api/packages/103136?format=json","purl":"pkg:gem/mail@2.2.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.17"},{"url":"http://public2.vulnerablecode.io/api/packages/103137?format=json","purl":"pkg:gem/mail@2.2.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.18"},{"url":"http://public2.vulnerablecode.io/api/packages/103138?format=json","purl":"pkg:gem/mail@2.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.2.19"},{"url":"http://public2.vulnerablecode.io/api/packages/103140?format=json","purl":"pkg:gem/mail@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/50168?format=json","purl":"pkg:gem/mail@2.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/85888?format=json","purl":"pkg:gem/mail@2.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/85889?format=json","purl":"pkg:gem/mail@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/50169?format=json","purl":"pkg:gem/mail@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/50170?format=json","purl":"pkg:gem/mail@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4sz-rqp7-6ydb"},{"vulnerability":"VCID-pgqp-64zv-8fc3"},{"vulnerability":"VCID-q6zt-ft1w-8ka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/mail@2.4.3"}],"references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080645.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080645.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080648.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080648.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080747.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080747.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2139","reference_id":"","reference_type":"","scores":[{"value":"0.03527","scoring_system":"epss","scoring_elements":"0.87856","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2139"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=759092","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.novell.com/show_bug.cgi?id=759092"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=816352","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=816352"},{"reference_url":"https://github.com/mikel/mail","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mikel/mail"},{"reference_url":"https://github.com/mikel/mail/commit/29aca25218e4c82991400eb9b0c933626aefc98f","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mikel/mail/commit/29aca25218e4c82991400eb9b0c933626aefc98f"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/04/25/8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/04/25/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/04/26/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/04/26/1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2139","reference_id":"CVE-2012-2139","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2139"},{"reference_url":"https://github.com/advisories/GHSA-cj92-c4fj-w9c5","reference_id":"GHSA-cj92-c4fj-w9c5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cj92-c4fj-w9c5"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":22,"name":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","description":"The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6zt-ft1w-8ka1"}