Vulnerability details: VCID-y12d-fjpf-uubh
Vulnerability ID VCID-y12d-fjpf-uubh
Aliases CVE-2013-0263
GHSA-xc85-32mf-xpv8
OSV-89939
Summary Timing attack against Rack::Session::Cookie. Affected versions allow remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (2)
System Score Found at
generic_textual MODERATE http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0686.html
epss 0.08626 https://api.first.org/data/v1/epss?cve=CVE-2013-0263
generic_textual MODERATE https://bugzilla.redhat.com/show_bug.cgi?id=909071
generic_textual MODERATE https://gist.github.com/codahale/f9f3781f7b54985bee94
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-xc85-32mf-xpv8
generic_textual MODERATE https://github.com/rack/rack
generic_textual MODERATE https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07
generic_textual MODERATE https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11
generic_textual MODERATE https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J
generic_textual MODERATE https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ
generic_textual MODERATE https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ
generic_textual MODERATE https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ
generic_textual MODERATE https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ
cvssv2 5.1 https://nvd.nist.gov/vuln/detail/CVE-2013-0263
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2013-0263
generic_textual MODERATE http://www.debian.org/security/2013/dsa-2783
Reference id Reference type URL
http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
http://rack.github.com/
http://rhn.redhat.com/errata/RHSA-2013-0686.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json
https://api.first.org/data/v1/epss?cve=CVE-2013-0263
https://bugzilla.redhat.com/show_bug.cgi?id=909071
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263
http://secunia.com/advisories/52033
http://secunia.com/advisories/52134
http://secunia.com/advisories/52774
https://gist.github.com/codahale/f9f3781f7b54985bee94
https://github.com/rack/rack
https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07
https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11
https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J
https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ
https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ
https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ
https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ
https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ
https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ
https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ
https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ
https://nvd.nist.gov/vuln/detail/CVE-2013-0263
https://puppet.com/security/cve/cve-2013-0263
https://twitter.com/coda/statuses/299732877745197056
http://www.debian.org/security/2013/dsa-2783
http://www.osvdb.org/89939
700226 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226
cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*
GHSA-xc85-32mf-xpv8 https://github.com/advisories/GHSA-xc85-32mf-xpv8
GLSA-201405-10 https://security.gentoo.org/glsa/201405-10
RHSA-2013:0686 https://access.redhat.com/errata/RHSA-2013:0686
No exploits are available.
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2013-0263
Exploitability (E) not_defined
Access Vector (AV) network
Access Complexity (AC) high
Authentication (Au) none
Confidentiality Impact (C) partial
Integrity Impact (I) partial
Availability Impact (A) partial
Exploit Prediction Scoring System (EPSS)
Percentile 0.92398
EPSS Score 0.08626
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:46:47.978899+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rack/CVE-2013-0263.yml 38.0.0