{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39484?format=json","vulnerability_id":"VCID-yxa4-p6gs-7bgr","summary":"RubyGems contains an Improper Input Validation vulnerability in ruby gems specification homepage attribute that can result in a malicious gem being able to set an invalid homepage URL.","aliases":[{"alias":"CVE-2018-1000077"},{"alias":"GHSA-gv86-43rv-79m2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/100149?format=json","purl":"pkg:deb/debian/jruby@9.1.17.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jruby@9.1.17.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/100135?format=json","purl":"pkg:deb/debian/jruby@9.3.9.0%2Bds-8?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cran-uhew-auat"},{"vulnerability":"VCID-v5r6-nhe3-87dz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jruby@9.3.9.0%252Bds-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/100137?format=json","purl":"pkg:deb/debian/jruby@9.4.8.0%2Bds-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jruby@9.4.8.0%252Bds-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/127782?format=json","purl":"pkg:deb/debian/rubygems@3.2.0~rc.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/rubygems@3.2.0~rc.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/127779?format=json","purl":"pkg:deb/debian/rubygems@3.2.5-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zz3m-f23k-6kec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/rubygems@3.2.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/127776?format=json","purl":"pkg:deb/debian/rubygems@3.3.15-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/rubygems@3.3.15-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/127780?format=json","purl":"pkg:deb/debian/rubygems@3.6.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/rubygems@3.6.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/55156?format=json","purl":"pkg:gem/rubygems-update@2.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-nd17-pxzx-nyba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/58171?format=json","purl":"pkg:gem/rubygems-update@2.7.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ab1-3xjd-aqbp"},{"vulnerability":"VCID-e9b5-m5x2-z3fb"},{"vulnerability":"VCID-hyvx-ab9s-uyby"},{"vulnerability":"VCID-k7u9-hhnh-m7f5"},{"vulnerability":"VCID-kxbg-rg3f-ruad"},{"vulnerability":"VCID-rpe2-d8ht-u3ht"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.7.6"},{"url":"http://public2.vulnerablecode.io/api/packages/62450?format=json","purl":"pkg:maven/org.jruby/jruby-stdlib@9.1.16.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.jruby/jruby-stdlib@9.1.16.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/159766?format=json","purl":"pkg:gem/rubygems-update@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-c9w3-xh7j-57bq"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-t8p2-dj3e-r7gt"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/159767?format=json","purl":"pkg:gem/rubygems-update@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-c9w3-xh7j-57bq"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-t8p2-dj3e-r7gt"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/159768?format=json","purl":"pkg:gem/rubygems-update@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-c9w3-xh7j-57bq"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-t8p2-dj3e-r7gt"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/159769?format=json","purl":"pkg:gem/rubygems-update@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-c9w3-xh7j-57bq"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-t8p2-dj3e-r7gt"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/159770?format=json","purl":"pkg:gem/rubygems-update@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-c9w3-xh7j-57bq"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-t8p2-dj3e-r7gt"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/159771?format=json","purl":"pkg:gem/rubygems-update@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-c9w3-xh7j-57bq"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-t8p2-dj3e-r7gt"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/159772?format=json","purl":"pkg:gem/rubygems-update@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-c9w3-xh7j-57bq"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-t8p2-dj3e-r7gt"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/159773?format=json","purl":"pkg:gem/rubygems-update@2.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-c9w3-xh7j-57bq"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-t8p2-dj3e-r7gt"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/52312?format=json","purl":"pkg:gem/rubygems-update@2.4.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-t8p2-dj3e-r7gt"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.4.7"},{"url":"http://public2.vulnerablecode.io/api/packages/52358?format=json","purl":"pkg:gem/rubygems-update@2.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/55155?format=json","purl":"pkg:gem/rubygems-update@2.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-68hc-d8u1-yye5"},{"vulnerability":"VCID-bb6n-nq7v-8qex"},{"vulnerability":"VCID-br82-gd5d-pqew"},{"vulnerability":"VCID-c7rs-vbjr-nyfz"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-nd17-pxzx-nyba"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:gem/rubygems-update@2.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/146618?format=json","purl":"pkg:rpm/redhat/rh-ruby23-ruby@2.3.8-69?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-361p-4hj9-q7hh"},{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-5g8n-wc8m-1kbe"},{"vulnerability":"VCID-5n7x-6wez-myfx"},{"vulnerability":"VCID-buqt-chxx-nqf9"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-gvp7-3hy2-3bbp"},{"vulnerability":"VCID-hmb2-yyf8-7ff4"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-kj49-ndfe-vqfc"},{"vulnerability":"VCID-mes6-r6ra-7yaj"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-ruby23-ruby@2.3.8-69%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/146621?format=json","purl":"pkg:rpm/redhat/rh-ruby23-ruby@2.3.8-69?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-361p-4hj9-q7hh"},{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-5g8n-wc8m-1kbe"},{"vulnerability":"VCID-5n7x-6wez-myfx"},{"vulnerability":"VCID-buqt-chxx-nqf9"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-gvp7-3hy2-3bbp"},{"vulnerability":"VCID-hmb2-yyf8-7ff4"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-kj49-ndfe-vqfc"},{"vulnerability":"VCID-mes6-r6ra-7yaj"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-ruby23-ruby@2.3.8-69%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/146622?format=json","purl":"pkg:rpm/redhat/rh-ruby24-ruby@2.4.5-91?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-361p-4hj9-q7hh"},{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-5g8n-wc8m-1kbe"},{"vulnerability":"VCID-5n7x-6wez-myfx"},{"vulnerability":"VCID-buqt-chxx-nqf9"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-gvp7-3hy2-3bbp"},{"vulnerability":"VCID-hmb2-yyf8-7ff4"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-kj49-ndfe-vqfc"},{"vulnerability":"VCID-mes6-r6ra-7yaj"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-ruby24-ruby@2.4.5-91%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/146624?format=json","purl":"pkg:rpm/redhat/rh-ruby24-ruby@2.4.5-91?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-361p-4hj9-q7hh"},{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-5g8n-wc8m-1kbe"},{"vulnerability":"VCID-5n7x-6wez-myfx"},{"vulnerability":"VCID-buqt-chxx-nqf9"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-gvp7-3hy2-3bbp"},{"vulnerability":"VCID-hmb2-yyf8-7ff4"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-kj49-ndfe-vqfc"},{"vulnerability":"VCID-mes6-r6ra-7yaj"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-ruby24-ruby@2.4.5-91%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/146620?format=json","purl":"pkg:rpm/redhat/rh-ruby25-ruby@2.5.3-6?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-361p-4hj9-q7hh"},{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-5g8n-wc8m-1kbe"},{"vulnerability":"VCID-5n7x-6wez-myfx"},{"vulnerability":"VCID-buqt-chxx-nqf9"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-gvp7-3hy2-3bbp"},{"vulnerability":"VCID-hmb2-yyf8-7ff4"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-kj49-ndfe-vqfc"},{"vulnerability":"VCID-mes6-r6ra-7yaj"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-ruby25-ruby@2.5.3-6%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/150175?format=json","purl":"pkg:rpm/redhat/ruby@2.0.0.648-35?arch=el7_5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-5n7x-6wez-myfx"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-mes6-r6ra-7yaj"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@2.0.0.648-35%3Farch=el7_5"},{"url":"http://public2.vulnerablecode.io/api/packages/150176?format=json","purl":"pkg:rpm/redhat/ruby@2.0.0.648-35?arch=el7_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-5n7x-6wez-myfx"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-mes6-r6ra-7yaj"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@2.0.0.648-35%3Farch=el7_4"},{"url":"http://public2.vulnerablecode.io/api/packages/146627?format=json","purl":"pkg:rpm/redhat/ruby@2.0.0.648-36?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-361p-4hj9-q7hh"},{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-5g8n-wc8m-1kbe"},{"vulnerability":"VCID-5n7x-6wez-myfx"},{"vulnerability":"VCID-buqt-chxx-nqf9"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-gvp7-3hy2-3bbp"},{"vulnerability":"VCID-hmb2-yyf8-7ff4"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-mes6-r6ra-7yaj"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@2.0.0.648-36%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/150179?format=json","purl":"pkg:rpm/redhat/ruby@2.0.0.648-36?arch=el7_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3bue-qvm7-2fby"},{"vulnerability":"VCID-5n7x-6wez-myfx"},{"vulnerability":"VCID-e7rv-fv84-jygh"},{"vulnerability":"VCID-k6gg-djg6-kbh5"},{"vulnerability":"VCID-mes6-r6ra-7yaj"},{"vulnerability":"VCID-qrbv-et5k-wkdk"},{"vulnerability":"VCID-xqpw-9uap-kugb"},{"vulnerability":"VCID-yxa4-p6gs-7bgr"},{"vulnerability":"VCID-zzey-wstd-p7e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@2.0.0.648-36%3Farch=el7_6"}],"references":[{"reference_url":"http://blog.rubygems.org/2018/02/15/2.7.6-released.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://blog.rubygems.org/2018/02/15/2.7.6-released.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3729","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3730","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3731","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2028","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0542","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0591","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0663","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0663"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000077.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000077.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000077","reference_id":"","reference_type":"","scores":[{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.78038","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000077"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jruby/jruby/commit/0b06b48ab4432237ce5fc1bef47f2c6bcf7843f7"},{"reference_url":"https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubygems/rubygems/commit/5971b486d4dbb2bad5d3445b3801c456eb0ce183"},{"reference_url":"https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00000.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00001.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00028.html"},{"reference_url":"https://usn.ubuntu.com/3621-1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3621-1"},{"reference_url":"https://usn.ubuntu.com/3621-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3621-1/"},{"reference_url":"https://www.debian.org/security/2018/dsa-4219","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4219"},{"reference_url":"https://www.debian.org/security/2018/dsa-4259","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4259"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1547422","reference_id":"1547422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1547422"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1000077","reference_id":"CVE-2018-1000077","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1000077"},{"reference_url":"https://github.com/advisories/GHSA-gv86-43rv-79m2","reference_id":"GHSA-gv86-43rv-79m2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gv86-43rv-79m2"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yxa4-p6gs-7bgr"}