Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-9gp6-pvw1-ufhs

Summary

Multiple vulnerabilities have been discovered in Ruby that allow for
    attacks including arbitrary code execution and Denial of Service.

Aliases

alias	CVE-2008-2725

alias	GHSA-924x-9756-qq8p

alias	OSV-46553

Fixed_packages

url	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
purl	pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/ruby@1.8.6_p287-r1

Affected_packages

url pkg:rpm/redhat/ruby@1.6.4-6?arch=el2

purl pkg:rpm/redhat/ruby@1.6.4-6?arch=el2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-kfgm-et3n-ckg6

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nsa4-b31c-37g2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.6.4-6%3Farch=el2

url pkg:rpm/redhat/ruby@1.6.8-12?arch=el3

purl pkg:rpm/redhat/ruby@1.6.8-12?arch=el3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-kfgm-et3n-ckg6

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nsa4-b31c-37g2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.6.8-12%3Farch=el3

url pkg:rpm/redhat/ruby@1.8.1-7.el4_6?arch=1

purl pkg:rpm/redhat/ruby@1.8.1-7.el4_6?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nsa4-b31c-37g2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.8.1-7.el4_6%3Farch=1

url pkg:rpm/redhat/ruby@1.8.5-5.el5_2?arch=3

purl pkg:rpm/redhat/ruby@1.8.5-5.el5_2?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nsa4-b31c-37g2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.8.5-5.el5_2%3Farch=3

url pkg:rpm/redhat/ruby3-3-main@3.3.10-23.1?arch=hum1

purl pkg:rpm/redhat/ruby3-3-main@3.3.10-23.1?arch=hum1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vp9-6q85-5ffv

vulnerability	VCID-2sv2-6snv-2bd3

vulnerability	VCID-4qm3-nbsk-73he

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-5xez-skrj-b3h4

vulnerability	VCID-6dxj-me8k-qfak

vulnerability	VCID-91b7-xx8t-rqhr

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-9x9w-2k98-wydm

vulnerability	VCID-a15m-bcma-vfa7

vulnerability	VCID-ar57-vndq-yka6

vulnerability	VCID-arjz-geyr-q7e3

vulnerability	VCID-bdar-wgfe-qqgf

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-cvs2-zecm-z3h8

vulnerability	VCID-dh8q-zyat-43ce

vulnerability	VCID-ea13-mua4-1fb9

vulnerability	VCID-fw7k-88kf-1kgg

vulnerability	VCID-g1eu-mgx8-j3dw

vulnerability	VCID-g7ju-q41v-wyhd

vulnerability	VCID-jj3a-fpsa-a7at

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nxub-6qsu-hbhk

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qyz5-zmnt-qucy

vulnerability	VCID-rwak-wvuw-qbcg

vulnerability	VCID-sf98-mryd-yfb3

vulnerability	VCID-sfzh-hn56-hbak

vulnerability	VCID-t9y5-hd9b-bkc4

vulnerability	VCID-vcz9-dvf4-47am

vulnerability	VCID-wzdf-d9fv-u3hh

vulnerability	VCID-x126-x9qm-e7d3

vulnerability	VCID-xkd6-jvma-skfk

vulnerability	VCID-y56y-5am7-wkhr

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby3-3-main@3.3.10-23.1%3Farch=hum1

url pkg:rpm/redhat/ruby3-4-main@3.4.8-31.1?arch=hum1

purl pkg:rpm/redhat/ruby3-4-main@3.4.8-31.1?arch=hum1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vp9-6q85-5ffv

vulnerability	VCID-2sv2-6snv-2bd3

vulnerability	VCID-4qm3-nbsk-73he

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-5xez-skrj-b3h4

vulnerability	VCID-6dxj-me8k-qfak

vulnerability	VCID-91b7-xx8t-rqhr

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-9x9w-2k98-wydm

vulnerability	VCID-a15m-bcma-vfa7

vulnerability	VCID-ar57-vndq-yka6

vulnerability	VCID-arjz-geyr-q7e3

vulnerability	VCID-bdar-wgfe-qqgf

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-cvs2-zecm-z3h8

vulnerability	VCID-dh8q-zyat-43ce

vulnerability	VCID-ea13-mua4-1fb9

vulnerability	VCID-fw7k-88kf-1kgg

vulnerability	VCID-g1eu-mgx8-j3dw

vulnerability	VCID-g7ju-q41v-wyhd

vulnerability	VCID-jj3a-fpsa-a7at

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nxub-6qsu-hbhk

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qyz5-zmnt-qucy

vulnerability	VCID-rwak-wvuw-qbcg

vulnerability	VCID-sf98-mryd-yfb3

vulnerability	VCID-sfzh-hn56-hbak

vulnerability	VCID-t9y5-hd9b-bkc4

vulnerability	VCID-vcz9-dvf4-47am

vulnerability	VCID-wzdf-d9fv-u3hh

vulnerability	VCID-x126-x9qm-e7d3

vulnerability	VCID-xkd6-jvma-skfk

vulnerability	VCID-y56y-5am7-wkhr

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby3-4-main@3.4.8-31.1%3Farch=hum1

url pkg:rpm/redhat/ruby4-0-main@4.0.0-33.3?arch=hum1

purl pkg:rpm/redhat/ruby4-0-main@4.0.0-33.3?arch=hum1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vp9-6q85-5ffv

vulnerability	VCID-2sv2-6snv-2bd3

vulnerability	VCID-4qm3-nbsk-73he

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-5xez-skrj-b3h4

vulnerability	VCID-6dxj-me8k-qfak

vulnerability	VCID-91b7-xx8t-rqhr

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-9x9w-2k98-wydm

vulnerability	VCID-a15m-bcma-vfa7

vulnerability	VCID-ar57-vndq-yka6

vulnerability	VCID-arjz-geyr-q7e3

vulnerability	VCID-bdar-wgfe-qqgf

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-cvs2-zecm-z3h8

vulnerability	VCID-dh8q-zyat-43ce

vulnerability	VCID-ea13-mua4-1fb9

vulnerability	VCID-fw7k-88kf-1kgg

vulnerability	VCID-g1eu-mgx8-j3dw

vulnerability	VCID-g7ju-q41v-wyhd

vulnerability	VCID-jj3a-fpsa-a7at

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nxub-6qsu-hbhk

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qyz5-zmnt-qucy

vulnerability	VCID-rwak-wvuw-qbcg

vulnerability	VCID-sf98-mryd-yfb3

vulnerability	VCID-sfzh-hn56-hbak

vulnerability	VCID-t9y5-hd9b-bkc4

vulnerability	VCID-vcz9-dvf4-47am

vulnerability	VCID-wzdf-d9fv-u3hh

vulnerability	VCID-x126-x9qm-e7d3

vulnerability	VCID-xkd6-jvma-skfk

vulnerability	VCID-y56y-5am7-wkhr

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby4-0-main@4.0.0-33.3%3Farch=hum1

url pkg:ruby/ruby@1.8.6

purl pkg:ruby/ruby@1.8.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-8e2m-f1fg-ffdy

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-ea13-mua4-1fb9

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.6

url pkg:ruby/ruby@1.8.7

purl pkg:ruby/ruby@1.8.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-8fbf-8fea-27d9

vulnerability	VCID-94vg-kqhg-qfdv

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-9ukz-9357-aqb6

vulnerability	VCID-a15m-bcma-vfa7

vulnerability	VCID-bv9s-j5yk-m3aw

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-ea13-mua4-1fb9

vulnerability	VCID-fw7k-88kf-1kgg

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nsa4-b31c-37g2

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qjwb-ph9u-bubf

vulnerability	VCID-xtny-ychb-fff1

vulnerability	VCID-ynyp-ybd9-57df

resource_url http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.7

url pkg:ruby/ruby@1.8.8

purl pkg:ruby/ruby@1.8.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ww6-w1k6-xqbp

vulnerability	VCID-4yvc-uzev-wua4

vulnerability	VCID-5bte-uex2-f7du

vulnerability	VCID-8fbf-8fea-27d9

vulnerability	VCID-9gp6-pvw1-ufhs

vulnerability	VCID-9ukz-9357-aqb6

vulnerability	VCID-a15m-bcma-vfa7

vulnerability	VCID-ar57-vndq-yka6

vulnerability	VCID-bjts-v9q2-9yg8

vulnerability	VCID-bv9s-j5yk-m3aw

vulnerability	VCID-c9sy-czbr-tfer

vulnerability	VCID-ea13-mua4-1fb9

vulnerability	VCID-fw7k-88kf-1kgg

vulnerability	VCID-jx79-wpg7-2yaa

vulnerability	VCID-mzqm-gc4w-fbfp

vulnerability	VCID-nsa4-b31c-37g2

vulnerability	VCID-nxub-6qsu-hbhk

vulnerability	VCID-pegr-f5mh-ekdz

vulnerability	VCID-qjwb-ph9u-bubf

vulnerability	VCID-r8r3-3x8p-ebh5

vulnerability	VCID-rh8q-s45v-xbhg

vulnerability	VCID-weh8-bs3g-a3hp

vulnerability	VCID-xtny-ychb-fff1

resource_url http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.8

References

reference_url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/
reference_id
reference_type
scores
url	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/

reference_url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2725.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2725

reference_id

reference_type

scores

value	0.0249
scoring_system	epss
scoring_elements	0.85476
published_at	2026-05-15T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85378
published_at	2026-05-05T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85404
published_at	2026-05-07T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85422
published_at	2026-05-09T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85417
published_at	2026-05-11T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.8543
published_at	2026-05-12T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85468
published_at	2026-05-14T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85305
published_at	2026-04-09T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.8532
published_at	2026-04-11T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85318
published_at	2026-04-12T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85315
published_at	2026-04-13T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85335
published_at	2026-04-16T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85336
published_at	2026-04-18T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85333
published_at	2026-04-21T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85356
published_at	2026-04-24T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85365
published_at	2026-04-26T12:55:00Z

value	0.0249
scoring_system	epss
scoring_elements	0.85364
published_at	2026-04-29T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86873
published_at	2026-04-01T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86884
published_at	2026-04-02T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86902
published_at	2026-04-04T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86897
published_at	2026-04-07T12:55:00Z

value	0.03164
scoring_system	epss
scoring_elements	0.86917
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2725

reference_url	https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657
reference_id
reference_type
scores
url	https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727

reference_url	http://secunia.com/advisories/30802
reference_id
reference_type
scores
url	http://secunia.com/advisories/30802

reference_url	http://secunia.com/advisories/30831
reference_id
reference_type
scores
url	http://secunia.com/advisories/30831

reference_url	http://secunia.com/advisories/30867
reference_id
reference_type
scores
url	http://secunia.com/advisories/30867

reference_url	http://secunia.com/advisories/30875
reference_id
reference_type
scores
url	http://secunia.com/advisories/30875

reference_url	http://secunia.com/advisories/30894
reference_id
reference_type
scores
url	http://secunia.com/advisories/30894

reference_url	http://secunia.com/advisories/31062
reference_id
reference_type
scores
url	http://secunia.com/advisories/31062

reference_url	http://secunia.com/advisories/31090
reference_id
reference_type
scores
url	http://secunia.com/advisories/31090

reference_url	http://secunia.com/advisories/31181
reference_id
reference_type
scores
url	http://secunia.com/advisories/31181

reference_url	http://secunia.com/advisories/31256
reference_id
reference_type
scores
url	http://secunia.com/advisories/31256

reference_url	http://secunia.com/advisories/31687
reference_id
reference_type
scores
url	http://secunia.com/advisories/31687

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43350
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43350

reference_url	https://issues.rpath.com/browse/RPL-2626
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-2626

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606

reference_url	http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT2163

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html

reference_url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities

reference_url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
reference_id
reference_type
scores
url	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206

reference_url	http://www.debian.org/security/2008/dsa-1612
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1612

reference_url	http://www.debian.org/security/2008/dsa-1618
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1618

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:140

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:141

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:142

reference_url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/
reference_id
reference_type
scores
url	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/

reference_url	http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0561.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0561.html

reference_url	http://www.ruby-forum.com/topic/157034
reference_id
reference_type
scores
url	http://www.ruby-forum.com/topic/157034

reference_url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html
reference_id
reference_type
scores
url	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html

reference_url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/

reference_url	http://www.securityfocus.com/archive/1/493688/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/493688/100/0/threaded

reference_url	http://www.securityfocus.com/bid/29903
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/29903

reference_url	http://www.securitytracker.com/id?1020347
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020347

reference_url	http://www.ubuntu.com/usn/usn-621-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-621-1

reference_url	http://www.vupen.com/english/advisories/2008/1907/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1907/references

reference_url	http://www.vupen.com/english/advisories/2008/1981/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1981/references

reference_url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html
reference_id
reference_type
scores
url	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=451821
reference_id	451821
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=451821

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::
reference_id	cpe:2.3:a:ruby-lang:ruby::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2725

reference_id

CVE-2008-2725

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2725

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

reference_url	https://access.redhat.com/errata/RHSA-2008:0561
reference_id	RHSA-2008:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0561

reference_url	https://access.redhat.com/errata/RHSA-2008:0562
reference_id	RHSA-2008:0562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0562

reference_url	https://access.redhat.com/errata/RHSA-2026:7305
reference_id	RHSA-2026:7305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7305

reference_url	https://access.redhat.com/errata/RHSA-2026:7307
reference_id	RHSA-2026:7307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7307

reference_url	https://access.redhat.com/errata/RHSA-2026:8838
reference_id	RHSA-2026:8838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8838

reference_url	https://usn.ubuntu.com/621-1/
reference_id	USN-621-1
reference_type
scores
url	https://usn.ubuntu.com/621-1/

Weaknesses

cwe_id	190
name	Integer Overflow or Wraparound
description	The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

cwe_id	189
name	Numeric Errors
description	Weaknesses in this category are related to improper calculation or conversion of numbers.

Exploits

Severity_range_score 7.8 - 7.8

Exploitability 0.5

Weighted_severity 7.0

Risk_score 3.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9gp6-pvw1-ufhs

Vulnerability Instance