VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://groups.google.com/group/rubyonrails-security/msg/bbe342e43abaa78c?dmode=source&output=gplain
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065137.html
epss	0.00814	https://api.first.org/data/v1/epss?cve=CVE-2011-3186
epss	0.00814	https://api.first.org/data/v1/epss?cve=CVE-2011-3186
epss	0.00814	https://api.first.org/data/v1/epss?cve=CVE-2011-3186
epss	0.00814	https://api.first.org/data/v1/epss?cve=CVE-2011-3186
epss	0.00814	https://api.first.org/data/v1/epss?cve=CVE-2011-3186
epss	0.00814	https://api.first.org/data/v1/epss?cve=CVE-2011-3186
epss	0.00814	https://api.first.org/data/v1/epss?cve=CVE-2011-3186
epss	0.00814	https://api.first.org/data/v1/epss?cve=CVE-2011-3186
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=732156
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-fcqf-h4h4-695m
generic_textual	MODERATE	https://github.com/rails/rails
generic_textual	MODERATE	https://github.com/rails/rails/commit/11dafeaa7533be26441a63618be93a03869c83a9
generic_textual	MODERATE	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2011-3186.yml
generic_textual	MODERATE	https://groups.google.com/forum/#!topic/rubyonrails-security/b_yTveAph2g
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2011-3186
generic_textual	MODERATE	https://web.archive.org/web/20150201000000*/http://secunia.com/advisories/45921
generic_textual	MODERATE	http://www.debian.org/security/2011/dsa-2301
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2011/08/17/1
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2011/08/19/11
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2011/08/20/1
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2011/08/22/13
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2011/08/22/14
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2011/08/22/5

System

Score

Found at

generic_textual

MODERATE

http://groups.google.com/group/rubyonrails-security/msg/bbe342e43abaa78c?dmode=source&output=gplain

generic_textual

MODERATE

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065137.html

epss

0.00814

https://api.first.org/data/v1/epss?cve=CVE-2011-3186

epss

0.00814

https://api.first.org/data/v1/epss?cve=CVE-2011-3186

epss

0.00814

https://api.first.org/data/v1/epss?cve=CVE-2011-3186

epss

0.00814

https://api.first.org/data/v1/epss?cve=CVE-2011-3186

epss

0.00814

https://api.first.org/data/v1/epss?cve=CVE-2011-3186

epss

0.00814

https://api.first.org/data/v1/epss?cve=CVE-2011-3186

epss

0.00814

https://api.first.org/data/v1/epss?cve=CVE-2011-3186

epss

0.00814

https://api.first.org/data/v1/epss?cve=CVE-2011-3186

generic_textual

MODERATE

https://bugzilla.redhat.com/show_bug.cgi?id=732156

cvssv3.1_qr

MODERATE

https://github.com/advisories/GHSA-fcqf-h4h4-695m

generic_textual

MODERATE

https://github.com/rails/rails

generic_textual

MODERATE

https://github.com/rails/rails/commit/11dafeaa7533be26441a63618be93a03869c83a9

generic_textual

MODERATE

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2011-3186.yml

generic_textual

MODERATE

https://groups.google.com/forum/#!topic/rubyonrails-security/b_yTveAph2g

generic_textual

MODERATE

https://nvd.nist.gov/vuln/detail/CVE-2011-3186

generic_textual

MODERATE

https://web.archive.org/web/20150201000000*/http://secunia.com/advisories/45921

generic_textual

MODERATE

http://www.debian.org/security/2011/dsa-2301

generic_textual

MODERATE

http://www.openwall.com/lists/oss-security/2011/08/17/1

generic_textual

MODERATE

http://www.openwall.com/lists/oss-security/2011/08/19/11

generic_textual

MODERATE

http://www.openwall.com/lists/oss-security/2011/08/20/1

generic_textual

MODERATE

http://www.openwall.com/lists/oss-security/2011/08/22/13

generic_textual

MODERATE

http://www.openwall.com/lists/oss-security/2011/08/22/14

generic_textual

MODERATE

http://www.openwall.com/lists/oss-security/2011/08/22/5

Reference id

Reference type

URL

http://groups.google.com/group/rubyonrails-security/msg/bbe342e43abaa78c?dmode=source&output=gplain

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065137.html

https://api.first.org/data/v1/epss?cve=CVE-2011-3186

https://bugzilla.redhat.com/show_bug.cgi?id=732156

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3186

https://github.com/rails/rails

https://github.com/rails/rails/commit/11dafeaa7533be26441a63618be93a03869c83a9

https://github.com/rails/rails/commit/11dafeaa7533be26441a63618be93a03869c83a9#diff-62558f372a46058cbab9309494d0fbb1

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2011-3186.yml

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/OSVDB-74616.yml

https://groups.google.com/forum/#!topic/rubyonrails-security/b_yTveAph2g

https://nvd.nist.gov/vuln/detail/CVE-2011-3186

https://web.archive.org/web/20150201000000*/http://secunia.com/advisories/45921

http://www.debian.org/security/2011/dsa-2301

http://www.openwall.com/lists/oss-security/2011/08/17/1

http://www.openwall.com/lists/oss-security/2011/08/19/11

http://www.openwall.com/lists/oss-security/2011/08/20/1

http://www.openwall.com/lists/oss-security/2011/08/22/13

http://www.openwall.com/lists/oss-security/2011/08/22/14

http://www.openwall.com/lists/oss-security/2011/08/22/5

GHSA-fcqf-h4h4-695m

https://github.com/advisories/GHSA-fcqf-h4h4-695m

GLSA-201412-28

https://security.gentoo.org/glsa/201412-28

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:46:46.357884+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/actionpack/CVE-2011-3186.yml	38.0.0

2026-04-01T12:46:46.357884+00:00

GitLab Importer

Import

https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/actionpack/CVE-2011-3186.yml

38.0.0

Vulnerability ID	VCID-kr1b-uct1-7kf6
Aliases	CVE-2011-3186 GHSA-fcqf-h4h4-695m OSV-74616
Summary	Response Splitting Vulnerability in Ruby on Rails A response splitting flaw can allow a remote attacker to inject arbitrary HTTP headers into a response due to insufficient sanitization of the values provided for response content types.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-94	Improper Control of Generation of Code ('Code Injection')

Percentile	0.74228
EPSS Score	0.00814
Published At	April 1, 2026, 12:55 p.m.