{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59746?format=json","vulnerability_id":"VCID-k6dd-ykw2-nfh6","summary":"security update","aliases":[{"alias":"CVE-2015-1855"},{"alias":"GHSA-4x8v-74xf-h4g3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572193?format=json","purl":"pkg:deb/debian/ruby1.8@1.8.7.358-7.1%2Bdeb7u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.8@1.8.7.358-7.1%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1035320?format=json","purl":"pkg:deb/debian/ruby1.9.1@1.9.3.194-8.1%2Bdeb7u5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.9.1@1.9.3.194-8.1%252Bdeb7u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1036494?format=json","purl":"pkg:deb/debian/ruby2.1@2.1.5-2%2Bdeb8u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby2.1@2.1.5-2%252Bdeb8u3"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572186?format=json","purl":"pkg:deb/debian/ruby1.8@1.8.2-7sarge6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.8@1.8.2-7sarge6"},{"url":"http://public2.vulnerablecode.io/api/packages/572187?format=json","purl":"pkg:deb/debian/ruby1.8@1.8.5-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.8@1.8.5-4"},{"url":"http://public2.vulnerablecode.io/api/packages/572188?format=json","purl":"pkg:deb/debian/ruby1.8@1.8.5-4etch5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.8@1.8.5-4etch5"},{"url":"http://public2.vulnerablecode.io/api/packages/572189?format=json","purl":"pkg:deb/debian/ruby1.8@1.8.7.72-3lenny1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.8@1.8.7.72-3lenny1"},{"url":"http://public2.vulnerablecode.io/api/packages/572190?format=json","purl":"pkg:deb/debian/ruby1.8@1.8.7.302-2squeeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.8@1.8.7.302-2squeeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/572191?format=json","purl":"pkg:deb/debian/ruby1.8@1.8.7.302-2squeeze2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.8@1.8.7.302-2squeeze2"},{"url":"http://public2.vulnerablecode.io/api/packages/572192?format=json","purl":"pkg:deb/debian/ruby1.8@1.8.7.302-2squeeze5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.8@1.8.7.302-2squeeze5"},{"url":"http://public2.vulnerablecode.io/api/packages/571287?format=json","purl":"pkg:deb/debian/ruby1.9.1@1.9.2.0-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-rwak-wvuw-qbcg"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.9.1@1.9.2.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/571288?format=json","purl":"pkg:deb/debian/ruby1.9.1@1.9.2.0-2%2Bdeb6u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-rwak-wvuw-qbcg"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.9.1@1.9.2.0-2%252Bdeb6u2"},{"url":"http://public2.vulnerablecode.io/api/packages/571289?format=json","purl":"pkg:deb/debian/ruby1.9.1@1.9.2.0-2%2Bdeb6u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-5xez-skrj-b3h4"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-rwak-wvuw-qbcg"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.9.1@1.9.2.0-2%252Bdeb6u7"},{"url":"http://public2.vulnerablecode.io/api/packages/571290?format=json","purl":"pkg:deb/debian/ruby1.9.1@1.9.3.194-8.1%2Bdeb7u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-rwak-wvuw-qbcg"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby1.9.1@1.9.3.194-8.1%252Bdeb7u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1036493?format=json","purl":"pkg:deb/debian/ruby2.1@2.1.5-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k6dd-ykw2-nfh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ruby2.1@2.1.5-2"},{"url":"http://public2.vulnerablecode.io/api/packages/130658?format=json","purl":"pkg:ruby/ruby@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-3uaa-r5vu-2fg9"},{"vulnerability":"VCID-cvs2-zecm-z3h8"},{"vulnerability":"VCID-g7ju-q41v-wyhd"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-pkg9-61ah-kbex"},{"vulnerability":"VCID-wzdf-d9fv-u3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/130659?format=json","purl":"pkg:ruby/ruby@2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bdw-9rs5-6ycg"},{"vulnerability":"VCID-3uaa-r5vu-2fg9"},{"vulnerability":"VCID-cvs2-zecm-z3h8"},{"vulnerability":"VCID-k6dd-ykw2-nfh6"},{"vulnerability":"VCID-rwak-wvuw-qbcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@2.2"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1855.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1855.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1855","reference_id":"","reference_type":"","scores":[{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.86086","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85867","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.86033","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.86047","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85877","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85894","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85898","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85916","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85926","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85941","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85939","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85934","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85952","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85956","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85947","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85966","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85975","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85976","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.85996","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.86019","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0272","scoring_system":"epss","scoring_elements":"0.86036","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1855"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1855","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":""},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1855"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1209981","reference_id":"1209981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1209981"},{"reference_url":"https://usn.ubuntu.com/3365-1/","reference_id":"USN-3365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3365-1/"}],"weaknesses":[{"cwe_id":297,"name":"Improper Validation of Certificate with Host Mismatch","description":"The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host."}],"exploits":[],"severity_range_score":"5.9 - 5.9","exploitability":"0.5","weighted_severity":"5.3","risk_score":2.6,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k6dd-ykw2-nfh6"}