[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2011-1004":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":195,"aliases":196,"duplicate_of":9,"upstream":197,"downstream":198,"duplicates":203,"related":204,"reserved_at":9,"published_at":205,"modified_at":206,"state":207,"summary":208,"references_raw":217,"kevs":298,"epss":299,"epss_history":302,"metrics":566,"affected":571},"CVE-2011-1004","The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-59","Improper Link Resolution Before File Access ('Link Following')","The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.","weakness","Draft","Base","Medium",[20,101,162,191],{"id":21,"name":22,"techniques":23},"CAPEC-132","Symlink Attack",[24],{"id":25,"name":26,"tactics":27,"countermeasures":34},"T1547.009","Shortcut Modification",[28,31],{"id":29,"name":30},"TA0110","Persistence",{"id":32,"name":33},"TA0111","Privilege Escalation",[35,40,44,48,52,57,62,67,72,77,81,85,89,93,97],{"id":36,"name":37,"tactic":38},"D3-FA","File Analysis",{"name":39},"Detect",{"id":41,"name":42,"tactic":43},"D3-FIM","File Integrity Monitoring",{"name":39},{"id":45,"name":46,"tactic":47},"D3-DA","Dynamic Analysis",{"name":39},{"id":49,"name":50,"tactic":51},"D3-EFA","Emulated File Analysis",{"name":39},{"id":53,"name":54,"tactic":55},"D3-FEV","File Eviction",{"name":56},"Evict",{"id":58,"name":59,"tactic":60},"D3-DF","Decoy File",{"name":61},"Deceive",{"id":63,"name":64,"tactic":65},"D3-FE","File Encryption",{"name":66},"Harden",{"id":68,"name":69,"tactic":70},"D3-RF","Restore File",{"name":71},"Restore",{"id":73,"name":74,"tactic":75},"D3-CF","Content Filtering",{"name":76},"Isolate",{"id":78,"name":79,"tactic":80},"D3-LFP","Local File Permissions",{"name":76},{"id":82,"name":83,"tactic":84},"D3-RFAM","Remote File Access Mediation",{"name":76},{"id":86,"name":87,"tactic":88},"D3-CQ","Content Quarantine",{"name":76},{"id":90,"name":91,"tactic":92},"D3-CM","Content Modification",{"name":76},{"id":94,"name":95,"tactic":96},"D3-EAL","Executable Allowlisting",{"name":76},{"id":98,"name":99,"tactic":100},"D3-EDL","Executable Denylisting",{"name":76},{"id":102,"name":103,"techniques":104},"CAPEC-17","Using Malicious Files",[105,142],{"id":106,"name":107,"tactics":108,"countermeasures":120},"T1574.005","Executable Installer File Permissions Weakness",[109,110,111,114,117],{"id":29,"name":30},{"id":32,"name":33},{"id":112,"name":113},"TA0030","Defense Evasion",{"id":115,"name":116},"TA0005","Stealth",{"id":118,"name":119},"TA0104","Execution",[121,126,130,134,138],{"id":122,"name":123,"tactic":124},"D3-SWI","Software Inventory",{"name":125},"Model",{"id":127,"name":128,"tactic":129},"D3-AVE","Asset Vulnerability Enumeration",{"name":125},{"id":131,"name":132,"tactic":133},"D3-SBV","Service Binary Verification",{"name":39},{"id":135,"name":136,"tactic":137},"D3-SU","Software Update",{"name":66},{"id":139,"name":140,"tactic":141},"D3-RS","Restore Software",{"name":71},{"id":143,"name":144,"tactics":145,"countermeasures":151},"T1574.010","Services File Permissions Weakness",[146,147,148,149,150],{"id":29,"name":30},{"id":32,"name":33},{"id":112,"name":113},{"id":115,"name":116},{"id":118,"name":119},[152,154,156,158,160],{"id":122,"name":123,"tactic":153},{"name":125},{"id":127,"name":128,"tactic":155},{"name":125},{"id":131,"name":132,"tactic":157},{"name":39},{"id":135,"name":136,"tactic":159},{"name":66},{"id":139,"name":140,"tactic":161},{"name":71},{"id":163,"name":164,"techniques":165},"CAPEC-35","Leverage Executable Code in Non-Executable Files",[166,173,180],{"id":167,"name":168,"tactics":169,"countermeasures":172},"T1027.006","HTML Smuggling",[170,171],{"id":112,"name":113},{"id":115,"name":116},[],{"id":174,"name":175,"tactics":176,"countermeasures":179},"T1027.009","Embedded Payloads",[177,178],{"id":112,"name":113},{"id":115,"name":116},[],{"id":181,"name":182,"tactics":183,"countermeasures":186},"T1564.009","Resource Forking",[184,185],{"id":112,"name":113},{"id":115,"name":116},[187],{"id":188,"name":189,"tactic":190},"D3-FFV","File Format Verification",{"name":76},{"id":192,"name":193,"techniques":194},"CAPEC-76","Manipulating Web Input to File System Calls",[],[],[],[],[199,201],{"_key":200},"RHSA-2011:0909",{"_key":202},"RHSA-2011:0910",[],[],"2011-03-02T19:00:00.000Z","2024-08-06T22:14:26.892Z","Modified",{"cisa_kev":209,"cisa_ransomware":209,"cisa_vendor":9,"epss_severity":210,"epss_score":211,"severity":212,"severity_score":213,"severity_version":214,"severity_source":215,"severity_vector":216,"severity_status":207},false,"low",0.00044,"medium",6.3,"v2.0","nvd","AV:L/AC:M/Au:N/C:N/I:C/A:C",[218,225,231,238,243,247,252,258,262,267,272,276,280,284,288,293],{"url":219,"sources":220,"tags":222},"http://www.redhat.com/support/errata/RHSA-2011-0910.html",[221,215],"cve.org",[223,224],"Vendor Advisory","X Refsource REDHAT",{"url":226,"sources":227,"tags":228},"http://www.securityfocus.com/bid/46460",[221,215],[229,230],"VDB Entry","X Refsource BID",{"url":232,"sources":233,"tags":234},"http://www.openwall.com/lists/oss-security/2011/02/21/5",[221,215],[235,236,237],"Mailing List","X Refsource MLIST","Patch",{"url":239,"sources":240,"tags":241},"http://www.vupen.com/english/advisories/2011/0539",[221,215],[229,242],"X Refsource VUPEN",{"url":244,"sources":245,"tags":246},"http://www.redhat.com/support/errata/RHSA-2011-0909.html",[221,215],[223,224],{"url":248,"sources":249,"tags":250},"https://bugzilla.redhat.com/show_bug.cgi?id=678913",[221,215],[251,237],"X Refsource CONFIRM",{"url":253,"sources":254,"tags":255},"http://secunia.com/advisories/43573",[221,215],[256,257],"Third Party Advisory","X Refsource SECUNIA",{"url":259,"sources":260,"tags":261},"http://www.openwall.com/lists/oss-security/2011/02/21/2",[221,215],[235,236,237],{"url":263,"sources":264,"tags":265},"http://osvdb.org/70958",[221,215],[229,266],"X Refsource OSVDB",{"url":268,"sources":269,"tags":270},"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054422.html",[221,215],[223,271],"X Refsource FEDORA",{"url":273,"sources":274,"tags":275},"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054436.html",[221,215],[223,271],{"url":277,"sources":278,"tags":279},"http://secunia.com/advisories/43434",[221,215],[256,257,223],{"url":281,"sources":282,"tags":283},"http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/",[221,215],[251,237,223],{"url":285,"sources":286,"tags":287},"http://support.apple.com/kb/HT5281",[221,215],[251],{"url":289,"sources":290,"tags":291},"http://www.mandriva.com/security/advisories?name=MDVSA-2011:097",[221,215],[223,292],"X Refsource MANDRIVA",{"url":294,"sources":295,"tags":296},"http://lists.apple.com/archives/security-announce/2012/May/msg00001.html",[221,215],[223,297],"X Refsource APPLE",[],{"date":300,"score":211,"percentile":301},"2026-06-04",0.13866,[303,307,310,313,316,319,322,325,328,331,334,337,340,342,344,347,350,353,356,359,362,365,368,371,374,377,380,383,386,389,392,395,398,401,404,407,410,413,416,419,422,425,428,431,434,436,439,441,443,446,449,451,454,457,461,464,467,470,473,476,479,481,484,487,490,493,496,499,502,505,508,511,514,517,519,522,524,527,530,533,536,539,542,545,548,551,554,557,560,563],{"date":304,"score":305,"percentile":306},"2025-11-04",0.00045,0.13565,{"date":308,"score":305,"percentile":309},"2025-11-05",0.13594,{"date":311,"score":305,"percentile":312},"2025-11-06",0.13682,{"date":314,"score":305,"percentile":315},"2025-11-07",0.13692,{"date":317,"score":305,"percentile":318},"2025-11-08",0.13697,{"date":320,"score":305,"percentile":321},"2025-11-09",0.13668,{"date":323,"score":305,"percentile":324},"2025-11-10",0.1364,{"date":326,"score":305,"percentile":327},"2025-11-11",0.13659,{"date":329,"score":305,"percentile":330},"2025-11-12",0.1366,{"date":332,"score":305,"percentile":333},"2025-11-13",0.13687,{"date":335,"score":305,"percentile":336},"2025-11-14",0.13713,{"date":338,"score":305,"percentile":339},"2025-11-15",0.13685,{"date":341,"score":305,"percentile":339},"2025-11-16",{"date":343,"score":305,"percentile":330},"2025-11-17",{"date":345,"score":305,"percentile":346},"2025-11-18",0.09123,{"date":348,"score":305,"percentile":349},"2025-11-19",0.09139,{"date":351,"score":305,"percentile":352},"2025-11-20",0.09163,{"date":354,"score":305,"percentile":355},"2025-11-21",0.13683,{"date":357,"score":305,"percentile":358},"2025-11-22",0.13673,{"date":360,"score":305,"percentile":361},"2025-11-23",0.13654,{"date":363,"score":305,"percentile":364},"2025-11-24",0.13614,{"date":366,"score":305,"percentile":367},"2025-11-25",0.13616,{"date":369,"score":305,"percentile":370},"2025-11-26",0.13612,{"date":372,"score":305,"percentile":373},"2025-11-27",0.13611,{"date":375,"score":305,"percentile":376},"2025-11-28",0.13591,{"date":378,"score":305,"percentile":379},"2025-11-29",0.1359,{"date":381,"score":305,"percentile":382},"2025-11-30",0.13596,{"date":384,"score":305,"percentile":385},"2025-12-01",0.13632,{"date":387,"score":305,"percentile":388},"2025-12-02",0.13653,{"date":390,"score":305,"percentile":391},"2025-12-03",0.1368,{"date":393,"score":305,"percentile":394},"2025-12-04",0.13651,{"date":396,"score":305,"percentile":397},"2025-12-05",0.1372,{"date":399,"score":305,"percentile":400},"2025-12-06",0.13737,{"date":402,"score":211,"percentile":403},"2025-12-07",0.13244,{"date":405,"score":211,"percentile":406},"2025-12-08",0.13252,{"date":408,"score":211,"percentile":409},"2025-12-09",0.13318,{"date":411,"score":211,"percentile":412},"2025-12-10",0.1339,{"date":414,"score":211,"percentile":415},"2025-12-11",0.13424,{"date":417,"score":211,"percentile":418},"2025-12-12",0.13473,{"date":420,"score":211,"percentile":421},"2025-12-13",0.13497,{"date":423,"score":211,"percentile":424},"2025-12-14",0.13477,{"date":426,"score":211,"percentile":427},"2025-12-15",0.13443,{"date":429,"score":211,"percentile":430},"2025-12-16",0.1345,{"date":432,"score":211,"percentile":433},"2025-12-17",0.13549,{"date":435,"score":211,"percentile":370},"2025-12-18",{"date":437,"score":211,"percentile":438},"2025-12-19",0.13664,{"date":440,"score":211,"percentile":361},"2025-12-20",{"date":442,"score":211,"percentile":367},"2025-12-21",{"date":444,"score":211,"percentile":445},"2025-12-22",0.13568,{"date":447,"score":211,"percentile":448},"2025-12-23",0.13566,{"date":450,"score":211,"percentile":306},"2025-12-24",{"date":452,"score":211,"percentile":453},"2025-12-25",0.13637,{"date":455,"score":211,"percentile":456},"2025-12-26",0.13599,{"date":458,"score":459,"percentile":460},"2025-12-27",0.0005,0.15705,{"date":462,"score":211,"percentile":463},"2025-12-28",0.13574,{"date":465,"score":211,"percentile":466},"2025-12-29",0.13471,{"date":468,"score":211,"percentile":469},"2025-12-30",0.13479,{"date":471,"score":211,"percentile":472},"2025-12-31",0.13541,{"date":474,"score":211,"percentile":475},"2026-01-01",0.13613,{"date":477,"score":211,"percentile":478},"2026-01-02",0.13601,{"date":480,"score":211,"percentile":448},"2026-01-03",{"date":482,"score":211,"percentile":483},"2026-01-04",0.13488,{"date":485,"score":211,"percentile":486},"2026-01-05",0.13445,{"date":488,"score":211,"percentile":489},"2026-01-06",0.13455,{"date":491,"score":211,"percentile":492},"2026-01-07",0.1349,{"date":494,"score":211,"percentile":495},"2026-01-08",0.13538,{"date":497,"score":211,"percentile":498},"2026-01-09",0.13546,{"date":500,"score":211,"percentile":501},"2026-01-10",0.13563,{"date":503,"score":211,"percentile":504},"2026-01-11",0.13491,{"date":506,"score":211,"percentile":507},"2026-01-12",0.13459,{"date":509,"score":211,"percentile":510},"2026-01-13",0.13433,{"date":512,"score":211,"percentile":513},"2026-01-14",0.13493,{"date":515,"score":211,"percentile":516},"2026-01-15",0.13494,{"date":518,"score":211,"percentile":495},"2026-01-16",{"date":520,"score":211,"percentile":521},"2026-01-17",0.13556,{"date":523,"score":211,"percentile":424},"2026-01-18",{"date":525,"score":211,"percentile":526},"2026-01-19",0.13415,{"date":528,"score":211,"percentile":529},"2026-01-20",0.13395,{"date":531,"score":211,"percentile":532},"2026-01-21",0.1338,{"date":534,"score":211,"percentile":535},"2026-01-22",0.13341,{"date":537,"score":211,"percentile":538},"2026-01-23",0.13422,{"date":540,"score":211,"percentile":541},"2026-01-24",0.13466,{"date":543,"score":211,"percentile":544},"2026-01-25",0.1341,{"date":546,"score":211,"percentile":547},"2026-01-26",0.13342,{"date":549,"score":211,"percentile":550},"2026-01-27",0.1334,{"date":552,"score":211,"percentile":553},"2026-01-28",0.13347,{"date":555,"score":211,"percentile":556},"2026-01-29",0.13329,{"date":558,"score":211,"percentile":559},"2026-01-30",0.13337,{"date":561,"score":211,"percentile":562},"2026-01-31",0.13344,{"date":564,"score":211,"percentile":565},"2026-02-01",0.13354,[567],{"source":215,"cvss_v2_0":568,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":213,"baseSeverity":9,"vectorString":216,"impactScore":569,"exploitabilityScore":570},9.2,3.4,[572],{"ecosystem":9,"name":573,"vendor":574,"product":573,"cpe_part":575,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":576},"ruby","ruby-lang","a",[577,580,582,584,586,588],{"version":578,"is_range":209,"range_type":579,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.8.6","cpe",{"version":581,"is_range":209,"range_type":579,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.8.7",{"version":583,"is_range":209,"range_type":579,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.8.8:dev",{"version":585,"is_range":209,"range_type":579,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.1",{"version":587,"is_range":209,"range_type":579,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.2",{"version":589,"is_range":209,"range_type":579,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:dev"]