{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88232?format=json","vulnerability_id":"VCID-xtny-ychb-fff1","summary":"ruby: Incorrect checks for validity of X.509 certificates","aliases":[{"alias":"CVE-2009-0642"},{"alias":"GHSA-4gvm-4mw2-9fpv"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128413?format=json","purl":"pkg:rpm/redhat/ruby@1.8.1-7.el4_8?arch=3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ukjn-pbdj-u3e3"},{"vulnerability":"VCID-xtny-ychb-fff1"},{"vulnerability":"VCID-ynyp-ybd9-57df"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.8.1-7.el4_8%3Farch=3"},{"url":"http://public2.vulnerablecode.io/api/packages/128414?format=json","purl":"pkg:rpm/redhat/ruby@1.8.5-5.el5_3?arch=7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ukjn-pbdj-u3e3"},{"vulnerability":"VCID-xtny-ychb-fff1"},{"vulnerability":"VCID-ynyp-ybd9-57df"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby@1.8.5-5.el5_3%3Farch=7"},{"url":"http://public2.vulnerablecode.io/api/packages/130657?format=json","purl":"pkg:ruby/ruby@1.8.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvc-uzev-wua4"},{"vulnerability":"VCID-5bte-uex2-f7du"},{"vulnerability":"VCID-8fbf-8fea-27d9"},{"vulnerability":"VCID-94vg-kqhg-qfdv"},{"vulnerability":"VCID-9gp6-pvw1-ufhs"},{"vulnerability":"VCID-9ukz-9357-aqb6"},{"vulnerability":"VCID-a15m-bcma-vfa7"},{"vulnerability":"VCID-bv9s-j5yk-m3aw"},{"vulnerability":"VCID-c9sy-czbr-tfer"},{"vulnerability":"VCID-ea13-mua4-1fb9"},{"vulnerability":"VCID-fw7k-88kf-1kgg"},{"vulnerability":"VCID-jx79-wpg7-2yaa"},{"vulnerability":"VCID-mzqm-gc4w-fbfp"},{"vulnerability":"VCID-nsa4-b31c-37g2"},{"vulnerability":"VCID-pegr-f5mh-ekdz"},{"vulnerability":"VCID-qjwb-ph9u-bubf"},{"vulnerability":"VCID-xtny-ychb-fff1"},{"vulnerability":"VCID-ynyp-ybd9-57df"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.7"},{"url":"http://public2.vulnerablecode.io/api/packages/130652?format=json","purl":"pkg:ruby/ruby@1.8.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ww6-w1k6-xqbp"},{"vulnerability":"VCID-4yvc-uzev-wua4"},{"vulnerability":"VCID-5bte-uex2-f7du"},{"vulnerability":"VCID-8fbf-8fea-27d9"},{"vulnerability":"VCID-9gp6-pvw1-ufhs"},{"vulnerability":"VCID-9ukz-9357-aqb6"},{"vulnerability":"VCID-a15m-bcma-vfa7"},{"vulnerability":"VCID-ar57-vndq-yka6"},{"vulnerability":"VCID-bjts-v9q2-9yg8"},{"vulnerability":"VCID-bv9s-j5yk-m3aw"},{"vulnerability":"VCID-c9sy-czbr-tfer"},{"vulnerability":"VCID-ea13-mua4-1fb9"},{"vulnerability":"VCID-fw7k-88kf-1kgg"},{"vulnerability":"VCID-jx79-wpg7-2yaa"},{"vulnerability":"VCID-mzqm-gc4w-fbfp"},{"vulnerability":"VCID-nsa4-b31c-37g2"},{"vulnerability":"VCID-nxub-6qsu-hbhk"},{"vulnerability":"VCID-pegr-f5mh-ekdz"},{"vulnerability":"VCID-qjwb-ph9u-bubf"},{"vulnerability":"VCID-r8r3-3x8p-ebh5"},{"vulnerability":"VCID-rh8q-s45v-xbhg"},{"vulnerability":"VCID-weh8-bs3g-a3hp"},{"vulnerability":"VCID-xtny-ychb-fff1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/130665?format=json","purl":"pkg:ruby/ruby@1.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cvs2-zecm-z3h8"},{"vulnerability":"VCID-dh8q-zyat-43ce"},{"vulnerability":"VCID-e58n-x5ra-6ybq"},{"vulnerability":"VCID-rh8q-s45v-xbhg"},{"vulnerability":"VCID-xtny-ychb-fff1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ruby/ruby@1.9.2"}],"references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528"},{"reference_url":"http://redmine.ruby-lang.org/issues/show/1091","reference_id":"","reference_type":"","scores":[],"url":"http://redmine.ruby-lang.org/issues/show/1091"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0642","reference_id":"","reference_type":"","scores":[{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76849","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76618","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76621","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7665","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76632","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76664","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76676","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76702","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76682","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76674","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76716","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76711","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76742","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76749","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7676","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76748","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76779","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76797","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76785","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76801","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0642"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513528"},{"reference_url":"http://secunia.com/advisories/33750","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33750"},{"reference_url":"http://secunia.com/advisories/35699","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35699"},{"reference_url":"http://secunia.com/advisories/35937","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35937"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48761","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48761"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11450"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:193","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:193"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html"},{"reference_url":"http://www.securityfocus.com/bid/33769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/33769"},{"reference_url":"http://www.securitytracker.com/id?1022505","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1022505"},{"reference_url":"http://www.ubuntu.com/usn/USN-805-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-805-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=486183","reference_id":"486183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=486183"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0642","reference_id":"CVE-2009-0642","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1140","reference_id":"RHSA-2009:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1140"},{"reference_url":"https://usn.ubuntu.com/805-1/","reference_id":"USN-805-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/805-1/"}],"weaknesses":[{"cwe_id":287,"name":"Improper Authentication","description":"When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct."}],"exploits":[],"severity_range_score":"6.8 - 6.8","exploitability":"0.5","weighted_severity":"6.1","risk_score":3.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xtny-ychb-fff1"}