Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-txes-v9hy-j7fm
Vulnerability ID VCID-txes-v9hy-j7fm
Aliases CVE-2013-4203
GHSA-jg4m-q6w8-vrjp
OSV-95948
Summary rgpg Code Injection vulnerability
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-94 Improper Control of Generation of Code ('Code Injection')
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.01422 https://api.first.org/data/v1/epss?cve=CVE-2013-4203
epss 0.01422 https://api.first.org/data/v1/epss?cve=CVE-2013-4203
epss 0.01422 https://api.first.org/data/v1/epss?cve=CVE-2013-4203
epss 0.01422 https://api.first.org/data/v1/epss?cve=CVE-2013-4203
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-jg4m-q6w8-vrjp
generic_textual HIGH https://github.com/rcook/rgpg
generic_textual HIGH https://github.com/rcook/rgpg/commit/b819b13d198495f3ecd2762a0dbe27bb6fae3505
generic_textual HIGH https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rgpg/CVE-2013-4203.yml
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2013-4203
generic_textual HIGH http://www.openwall.com/lists/oss-security/2013/08/03/2
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2013-4203
https://github.com/rcook/rgpg
https://github.com/rcook/rgpg/commit/b819b13d198495f3ecd2762a0dbe27bb6fae3505
http://vapid.dhs.org/advisories/rgpg-api-rubygem-cmd-inj.html
http://www.openwall.com/lists/oss-security/2013/08/03/2
CVE-2013-4203 https://nvd.nist.gov/vuln/detail/CVE-2013-4203
CVE-2013-4203.YML https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rgpg/CVE-2013-4203.yml
GHSA-jg4m-q6w8-vrjp https://github.com/advisories/GHSA-jg4m-q6w8-vrjp
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.81023
EPSS Score 0.01422
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T20:23:48.613123+00:00 GHSA Importer Import https://github.com/advisories/GHSA-jg4m-q6w8-vrjp 38.6.0