[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-2098":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":531,"aliases":565,"duplicate_of":9,"upstream":566,"downstream":567,"duplicates":592,"related":593,"reserved_at":9,"published_at":600,"modified_at":601,"state":602,"summary":603,"references_raw":611,"kevs":673,"epss":674,"epss_history":677,"metrics":891,"affected":901},"CVE-2016-2098","Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-20","Improper Input Validation","The product receives input or data, but it does\n        not validate or incorrectly validates that the input has the\n        properties that are required to process the data safely and\n        correctly.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,232,236,240,244,248,252,256,260,264,268,272,276,280,284,325,329,333,381,385,389,393,397,401,451,455,459,463,467,471,475,479,483,487,491,495,499,503,507,511,515,519,523,527],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-101","Server Side Include (SSI) Injection",[],{"id":29,"name":30,"techniques":31},"CAPEC-104","Cross Zone Scripting",[],{"id":33,"name":34,"techniques":35},"CAPEC-108","Command Line Execution through SQL Injection",[],{"id":37,"name":38,"techniques":39},"CAPEC-109","Object Relational Mapping Injection",[],{"id":41,"name":42,"techniques":43},"CAPEC-110","SQL Injection through SOAP Parameter Tampering",[],{"id":45,"name":46,"techniques":47},"CAPEC-120","Double Encoding",[],{"id":49,"name":50,"techniques":51},"CAPEC-13","Subverting Environment Variable Values",[52,150,192],{"id":53,"name":54,"tactics":55,"countermeasures":62},"T1562.003","Impair Command History Logging",[56,59],{"id":57,"name":58},"TA0030","Defense Evasion",{"id":60,"name":61},"TA0005","Stealth",[63,68,73,77,81,85,90,94,99,104,108,112,117,121,126,130,134,138,142,146],{"id":64,"name":65,"tactic":66},"D3-CI","Configuration Inventory",{"name":67},"Model",{"id":69,"name":70,"tactic":71},"D3-FA","File Analysis",{"name":72},"Detect",{"id":74,"name":75,"tactic":76},"D3-FIM","File Integrity Monitoring",{"name":72},{"id":78,"name":79,"tactic":80},"D3-DA","Dynamic Analysis",{"name":72},{"id":82,"name":83,"tactic":84},"D3-EFA","Emulated File Analysis",{"name":72},{"id":86,"name":87,"tactic":88},"D3-FEV","File Eviction",{"name":89},"Evict",{"id":91,"name":92,"tactic":93},"D3-RKD","Registry Key Deletion",{"name":89},{"id":95,"name":96,"tactic":97},"D3-DF","Decoy File",{"name":98},"Deceive",{"id":100,"name":101,"tactic":102},"D3-DRA","Disable Remote Access",{"name":103},"Harden",{"id":105,"name":106,"tactic":107},"D3-ACH","Application Configuration Hardening",{"name":103},{"id":109,"name":110,"tactic":111},"D3-FE","File Encryption",{"name":103},{"id":113,"name":114,"tactic":115},"D3-RC","Restore Configuration",{"name":116},"Restore",{"id":118,"name":119,"tactic":120},"D3-RF","Restore File",{"name":116},{"id":122,"name":123,"tactic":124},"D3-CQ","Content Quarantine",{"name":125},"Isolate",{"id":127,"name":128,"tactic":129},"D3-CF","Content Filtering",{"name":125},{"id":131,"name":132,"tactic":133},"D3-LFP","Local File Permissions",{"name":125},{"id":135,"name":136,"tactic":137},"D3-RFAM","Remote File Access Mediation",{"name":125},{"id":139,"name":140,"tactic":141},"D3-CM","Content Modification",{"name":125},{"id":143,"name":144,"tactic":145},"D3-EAL","Executable Allowlisting",{"name":125},{"id":147,"name":148,"tactic":149},"D3-EDL","Executable Denylisting",{"name":125},{"id":151,"name":152,"tactics":153,"countermeasures":165},"T1574.006","Dynamic Linker Hijacking",[154,157,160,161,162],{"id":155,"name":156},"TA0110","Persistence",{"id":158,"name":159},"TA0111","Privilege Escalation",{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},"TA0104","Execution",[166,170,172,174,176,178,180,182,184,186,188,190],{"id":167,"name":168,"tactic":169},"D3-SFA","System File Analysis",{"name":72},{"id":69,"name":70,"tactic":171},{"name":72},{"id":74,"name":75,"tactic":173},{"name":72},{"id":86,"name":87,"tactic":175},{"name":89},{"id":95,"name":96,"tactic":177},{"name":98},{"id":109,"name":110,"tactic":179},{"name":103},{"id":118,"name":119,"tactic":181},{"name":116},{"id":127,"name":128,"tactic":183},{"name":125},{"id":131,"name":132,"tactic":185},{"name":125},{"id":135,"name":136,"tactic":187},{"name":125},{"id":122,"name":123,"tactic":189},{"name":125},{"id":139,"name":140,"tactic":191},{"name":125},{"id":193,"name":194,"tactics":195,"countermeasures":201},"T1574.007","Path Interception by PATH Environment Variable",[196,197,198,199,200],{"id":155,"name":156},{"id":158,"name":159},{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},[202,204,206,208,210,212,214,216,218,220,222,224,226,228,230],{"id":69,"name":70,"tactic":203},{"name":72},{"id":74,"name":75,"tactic":205},{"name":72},{"id":78,"name":79,"tactic":207},{"name":72},{"id":82,"name":83,"tactic":209},{"name":72},{"id":86,"name":87,"tactic":211},{"name":89},{"id":95,"name":96,"tactic":213},{"name":98},{"id":109,"name":110,"tactic":215},{"name":103},{"id":118,"name":119,"tactic":217},{"name":116},{"id":127,"name":128,"tactic":219},{"name":125},{"id":131,"name":132,"tactic":221},{"name":125},{"id":135,"name":136,"tactic":223},{"name":125},{"id":122,"name":123,"tactic":225},{"name":125},{"id":139,"name":140,"tactic":227},{"name":125},{"id":143,"name":144,"tactic":229},{"name":125},{"id":147,"name":148,"tactic":231},{"name":125},{"id":233,"name":234,"techniques":235},"CAPEC-135","Format String Injection",[],{"id":237,"name":238,"techniques":239},"CAPEC-136","LDAP Injection",[],{"id":241,"name":242,"techniques":243},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":245,"name":246,"techniques":247},"CAPEC-153","Input Data Manipulation",[],{"id":249,"name":250,"techniques":251},"CAPEC-182","Flash Injection",[],{"id":253,"name":254,"techniques":255},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":257,"name":258,"techniques":259},"CAPEC-22","Exploiting Trust in Client",[],{"id":261,"name":262,"techniques":263},"CAPEC-23","File Content Injection",[],{"id":265,"name":266,"techniques":267},"CAPEC-230","Serialized Data with Nested Payloads",[],{"id":269,"name":270,"techniques":271},"CAPEC-231","Oversized Serialized Data Payloads",[],{"id":273,"name":274,"techniques":275},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":277,"name":278,"techniques":279},"CAPEC-250","XML Injection",[],{"id":281,"name":282,"techniques":283},"CAPEC-261","Fuzzing for garnering other adjacent user/sensitive data",[],{"id":285,"name":286,"techniques":287},"CAPEC-267","Leverage Alternate Encoding",[288],{"id":289,"name":290,"tactics":291,"countermeasures":294},"T1027","Obfuscated Files or Information",[292,293],{"id":57,"name":58},{"id":60,"name":61},[295,297,299,301,303,305,307,309,311,313,315,317,319,321,323],{"id":69,"name":70,"tactic":296},{"name":72},{"id":74,"name":75,"tactic":298},{"name":72},{"id":78,"name":79,"tactic":300},{"name":72},{"id":82,"name":83,"tactic":302},{"name":72},{"id":86,"name":87,"tactic":304},{"name":89},{"id":95,"name":96,"tactic":306},{"name":98},{"id":109,"name":110,"tactic":308},{"name":103},{"id":118,"name":119,"tactic":310},{"name":116},{"id":127,"name":128,"tactic":312},{"name":125},{"id":131,"name":132,"tactic":314},{"name":125},{"id":135,"name":136,"tactic":316},{"name":125},{"id":122,"name":123,"tactic":318},{"name":125},{"id":139,"name":140,"tactic":320},{"name":125},{"id":143,"name":144,"tactic":322},{"name":125},{"id":147,"name":148,"tactic":324},{"name":125},{"id":326,"name":327,"techniques":328},"CAPEC-28","Fuzzing",[],{"id":330,"name":331,"techniques":332},"CAPEC-3","Using Leading 'Ghost' Character Sequences to Bypass Input Filters",[],{"id":334,"name":335,"techniques":336},"CAPEC-31","Accessing/Intercepting/Modifying HTTP Cookies",[337],{"id":338,"name":339,"tactics":340,"countermeasures":344},"T1539","Steal Web Session Cookie",[341],{"id":342,"name":343},"TA0031","Credential Access",[345,349,353,357,361,365,369,373,377],{"id":346,"name":347,"tactic":348},"D3-CCSA","Credential Compromise Scope Analysis",{"name":72},{"id":350,"name":351,"tactic":352},"D3-CR","Credential Revocation",{"name":89},{"id":354,"name":355,"tactic":356},"D3-ANCI","Authentication Cache Invalidation",{"name":89},{"id":358,"name":359,"tactic":360},"D3-DUC","Decoy User Credential",{"name":98},{"id":362,"name":363,"tactic":364},"D3-CH","Credential Hardening",{"name":103},{"id":366,"name":367,"tactic":368},"D3-MFA","Multi-factor Authentication",{"name":103},{"id":370,"name":371,"tactic":372},"D3-CRO","Credential Rotation",{"name":103},{"id":374,"name":375,"tactic":376},"D3-RIC","Reissue Credential",{"name":116},{"id":378,"name":379,"tactic":380},"D3-CTS","Credential Transmission Scoping",{"name":125},{"id":382,"name":383,"techniques":384},"CAPEC-42","MIME Conversion",[],{"id":386,"name":387,"techniques":388},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":390,"name":391,"techniques":392},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":394,"name":395,"techniques":396},"CAPEC-46","Overflow Variables and Tags",[],{"id":398,"name":399,"techniques":400},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":402,"name":403,"techniques":404},"CAPEC-473","Signature Spoof",[405,442],{"id":406,"name":407,"tactics":408,"countermeasures":411},"T1036.001","Invalid Code Signature",[409,410],{"id":57,"name":58},{"id":60,"name":61},[412,414,416,418,420,422,424,426,428,430,432,434,436,438,440],{"id":69,"name":70,"tactic":413},{"name":72},{"id":74,"name":75,"tactic":415},{"name":72},{"id":78,"name":79,"tactic":417},{"name":72},{"id":82,"name":83,"tactic":419},{"name":72},{"id":86,"name":87,"tactic":421},{"name":89},{"id":95,"name":96,"tactic":423},{"name":98},{"id":109,"name":110,"tactic":425},{"name":103},{"id":118,"name":119,"tactic":427},{"name":116},{"id":127,"name":128,"tactic":429},{"name":125},{"id":131,"name":132,"tactic":431},{"name":125},{"id":135,"name":136,"tactic":433},{"name":125},{"id":122,"name":123,"tactic":435},{"name":125},{"id":139,"name":140,"tactic":437},{"name":125},{"id":143,"name":144,"tactic":439},{"name":125},{"id":147,"name":148,"tactic":441},{"name":125},{"id":443,"name":444,"tactics":445,"countermeasures":450},"T1553.002","Code Signing",[446,447],{"id":57,"name":58},{"id":448,"name":449},"TA0112","Defense Impairment",[],{"id":452,"name":453,"techniques":454},"CAPEC-52","Embedding NULL Bytes",[],{"id":456,"name":457,"techniques":458},"CAPEC-53","Postfix, Null Terminate, and Backslash",[],{"id":460,"name":461,"techniques":462},"CAPEC-588","DOM-Based XSS",[],{"id":464,"name":465,"techniques":466},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":468,"name":469,"techniques":470},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":472,"name":473,"techniques":474},"CAPEC-664","Server Side Request Forgery",[],{"id":476,"name":477,"techniques":478},"CAPEC-67","String Format Overflow in syslog()",[],{"id":480,"name":481,"techniques":482},"CAPEC-7","Blind SQL Injection",[],{"id":484,"name":485,"techniques":486},"CAPEC-71","Using Unicode Encoding to Bypass Validation Logic",[],{"id":488,"name":489,"techniques":490},"CAPEC-72","URL Encoding",[],{"id":492,"name":493,"techniques":494},"CAPEC-73","User-Controlled Filename",[],{"id":496,"name":497,"techniques":498},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":500,"name":501,"techniques":502},"CAPEC-79","Using Slashes in Alternate Encoding",[],{"id":504,"name":505,"techniques":506},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":508,"name":509,"techniques":510},"CAPEC-80","Using UTF-8 Encoding to Bypass Validation Logic",[],{"id":512,"name":513,"techniques":514},"CAPEC-81","Web Server Logs Tampering",[],{"id":516,"name":517,"techniques":518},"CAPEC-83","XPath Injection",[],{"id":520,"name":521,"techniques":522},"CAPEC-85","AJAX Footprinting",[],{"id":524,"name":525,"techniques":526},"CAPEC-88","OS Command Injection",[],{"id":528,"name":529,"techniques":530},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[532,546],{"_key":533,"name":534,"source":535,"url":536,"maturity":537,"reliability_score":538,"verified":539,"type":540,"platforms":541,"requires_auth":9,"exploitdb":543,"metasploit":9},"40086","Ruby on Rails ActionPack Inline ERB - Code Execution (Metasploit)","exploit-database","https://www.exploit-db.com/exploits/40086","weaponized",0.8,true,"remote",[542],"ruby",{"verified":539,"type":540,"platform":542,"file":544,"codes":545},"exploits/ruby/remote/40086.rb",[7],{"_key":547,"name":548,"source":549,"url":550,"maturity":537,"reliability_score":551,"verified":539,"type":540,"platforms":552,"requires_auth":553,"exploitdb":9,"metasploit":554},"MSF_EXPLOIT_MULTI_HTTP_RAILS_ACTIONPACK_INLINE_EXEC","Ruby on Rails ActionPack Inline ERB Code Execution","metasploit","https://github.com/rapid7/metasploit-framework/blob/master/modules/exploit/multi/http/rails_actionpack_inline_exec.rb",1,[],false,{"fullname":555,"rank":556,"rank_name":557,"post_auth":553,"check":553,"notes":558},"exploit/multi/http/rails_actionpack_inline_exec",600,"excellent",{"Stability":559,"SideEffects":561,"Reliability":563},[560],"unknown-stability",[562],"unknown-side-effects",[564],"unknown-reliability",[],[],[568,570,572,574,576,578,580,582,584,586,588,590],{"_key":569},"RHSA-2016:0456",{"_key":571},"SUSE-SU-2016:0854-1",{"_key":573},"SUSE-SU-2016:0867-1",{"_key":575},"SUSE-SU-2016:0967-1",{"_key":577},"SUSE-SU-2016:1146-1",{"_key":579},"SUSE-SU-2017:2716-1",{"_key":581},"OPENSUSE-SU-2024:10057-1",{"_key":583},"RHSA-2016:0454",{"_key":585},"RHSA-2016:0455",{"_key":587},"DLA-604-1",{"_key":589},"DSA-3509-1",{"_key":591},"DEBIAN-CVE-2016-2098",[],[594,595,596,597,598,599],{"_key":571},{"_key":573},{"_key":575},{"_key":577},{"_key":579},{"_key":581},"2016-04-07T23:00:00.000Z","2024-08-05T23:17:50.698Z","Modified",{"cisa_kev":553,"cisa_ransomware":553,"cisa_vendor":9,"epss_severity":604,"epss_score":605,"severity":606,"severity_score":607,"severity_version":608,"severity_source":609,"severity_vector":610,"severity_status":602},"critical",0.86668,"high",7.5,"v2.0","nvd","AV:N/AC:L/Au:N/C:P/I:P/A:P",[612,619,623,628,634,639,645,649,653,657,661,667],{"url":613,"sources":614,"tags":616},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00086.html",[615,609],"cve.org",[617,618],"Vendor Advisory","X Refsource SUSE",{"url":620,"sources":621,"tags":622},"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00006.html",[615,609],[617,618],{"url":624,"sources":625,"tags":626},"http://www.debian.org/security/2016/dsa-3509",[615,609],[617,627],"X Refsource DEBIAN",{"url":629,"sources":630,"tags":631},"http://www.securityfocus.com/bid/83725",[615,609],[632,633],"VDB Entry","X Refsource BID",{"url":635,"sources":636,"tags":637},"http://www.securitytracker.com/id/1035122",[615,609],[632,638],"X Refsource SECTRACK",{"url":640,"sources":641,"tags":642},"https://www.exploit-db.com/exploits/40086/",[615,609],[643,644],"Exploit","X Refsource EXPLOIT DB",{"url":646,"sources":647,"tags":648},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00083.html",[615,609],[617,618],{"url":650,"sources":651,"tags":652},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00057.html",[615,609],[617,618],{"url":654,"sources":655,"tags":656},"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html",[615,609],[617,618],{"url":658,"sources":659,"tags":660},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00080.html",[615,609],[617,618],{"url":662,"sources":663,"tags":664},"https://groups.google.com/forum/message/raw?msg=rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ",[615,609],[665,666],"Mailing List","X Refsource MLIST",{"url":668,"sources":669,"tags":670},"http://weblog.rubyonrails.org/2016/2/29/Rails-4-2-5-2-4-1-14-2-3-2-22-2-have-been-released/",[615,609],[671,672,617],"X Refsource CONFIRM","Patch",[],{"date":675,"score":605,"percentile":676},"2026-06-04",0.99438,[678,682,684,686,689,691,693,695,697,699,702,704,706,708,710,713,716,718,720,722,724,726,728,730,732,734,737,739,743,746,748,751,753,756,759,761,764,766,768,770,772,776,778,781,784,787,790,792,794,796,798,801,803,805,808,810,812,814,816,819,821,824,826,828,830,832,834,837,840,842,844,847,849,852,854,857,860,862,864,866,868,871,873,875,878,881,883,885,887,889],{"date":679,"score":680,"percentile":681},"2025-11-04",0.86074,0.99348,{"date":683,"score":680,"percentile":681},"2025-11-05",{"date":685,"score":680,"percentile":681},"2025-11-06",{"date":687,"score":680,"percentile":688},"2025-11-07",0.99349,{"date":690,"score":680,"percentile":681},"2025-11-08",{"date":692,"score":680,"percentile":688},"2025-11-09",{"date":694,"score":680,"percentile":681},"2025-11-10",{"date":696,"score":680,"percentile":688},"2025-11-11",{"date":698,"score":680,"percentile":688},"2025-11-12",{"date":700,"score":680,"percentile":701},"2025-11-13",0.9935,{"date":703,"score":680,"percentile":701},"2025-11-14",{"date":705,"score":680,"percentile":701},"2025-11-15",{"date":707,"score":680,"percentile":701},"2025-11-16",{"date":709,"score":680,"percentile":701},"2025-11-17",{"date":711,"score":680,"percentile":712},"2025-11-18",0.9948,{"date":714,"score":680,"percentile":715},"2025-11-19",0.99481,{"date":717,"score":680,"percentile":712},"2025-11-20",{"date":719,"score":680,"percentile":688},"2025-11-21",{"date":721,"score":680,"percentile":688},"2025-11-22",{"date":723,"score":680,"percentile":701},"2025-11-23",{"date":725,"score":680,"percentile":688},"2025-11-24",{"date":727,"score":680,"percentile":701},"2025-11-25",{"date":729,"score":680,"percentile":701},"2025-11-26",{"date":731,"score":680,"percentile":701},"2025-11-27",{"date":733,"score":680,"percentile":701},"2025-11-28",{"date":735,"score":680,"percentile":736},"2025-11-29",0.99351,{"date":738,"score":680,"percentile":736},"2025-11-30",{"date":740,"score":741,"percentile":742},"2025-12-01",0.8595,0.99356,{"date":744,"score":741,"percentile":745},"2025-12-02",0.99357,{"date":747,"score":741,"percentile":742},"2025-12-03",{"date":749,"score":680,"percentile":750},"2025-12-04",0.99352,{"date":752,"score":680,"percentile":750},"2025-12-05",{"date":754,"score":680,"percentile":755},"2025-12-06",0.99353,{"date":757,"score":680,"percentile":758},"2025-12-07",0.99354,{"date":760,"score":680,"percentile":758},"2025-12-08",{"date":762,"score":680,"percentile":763},"2025-12-09",0.99355,{"date":765,"score":680,"percentile":742},"2025-12-10",{"date":767,"score":680,"percentile":742},"2025-12-11",{"date":769,"score":680,"percentile":742},"2025-12-12",{"date":771,"score":680,"percentile":742},"2025-12-13",{"date":773,"score":774,"percentile":775},"2025-12-14",0.8743,0.99421,{"date":777,"score":774,"percentile":775},"2025-12-15",{"date":779,"score":774,"percentile":780},"2025-12-16",0.99422,{"date":782,"score":774,"percentile":783},"2025-12-17",0.99423,{"date":785,"score":774,"percentile":786},"2025-12-18",0.99425,{"date":788,"score":774,"percentile":789},"2025-12-19",0.99426,{"date":791,"score":774,"percentile":789},"2025-12-20",{"date":793,"score":774,"percentile":789},"2025-12-21",{"date":795,"score":774,"percentile":789},"2025-12-22",{"date":797,"score":774,"percentile":789},"2025-12-23",{"date":799,"score":774,"percentile":800},"2025-12-24",0.99427,{"date":802,"score":774,"percentile":800},"2025-12-25",{"date":804,"score":774,"percentile":789},"2025-12-26",{"date":806,"score":774,"percentile":807},"2025-12-27",0.99428,{"date":809,"score":774,"percentile":786},"2025-12-28",{"date":811,"score":774,"percentile":786},"2025-12-29",{"date":813,"score":774,"percentile":786},"2025-12-30",{"date":815,"score":774,"percentile":789},"2025-12-31",{"date":817,"score":818,"percentile":807},"2026-01-01",0.8714,{"date":820,"score":818,"percentile":807},"2026-01-02",{"date":822,"score":818,"percentile":823},"2026-01-03",0.99429,{"date":825,"score":774,"percentile":807},"2026-01-04",{"date":827,"score":774,"percentile":807},"2026-01-05",{"date":829,"score":774,"percentile":807},"2026-01-06",{"date":831,"score":774,"percentile":823},"2026-01-07",{"date":833,"score":774,"percentile":823},"2026-01-08",{"date":835,"score":774,"percentile":836},"2026-01-09",0.9943,{"date":838,"score":774,"percentile":839},"2026-01-10",0.99431,{"date":841,"score":774,"percentile":839},"2026-01-11",{"date":843,"score":774,"percentile":839},"2026-01-12",{"date":845,"score":774,"percentile":846},"2026-01-13",0.99432,{"date":848,"score":774,"percentile":846},"2026-01-14",{"date":850,"score":774,"percentile":851},"2026-01-15",0.99433,{"date":853,"score":774,"percentile":851},"2026-01-16",{"date":855,"score":774,"percentile":856},"2026-01-17",0.99434,{"date":858,"score":774,"percentile":859},"2026-01-18",0.99435,{"date":861,"score":774,"percentile":856},"2026-01-19",{"date":863,"score":774,"percentile":859},"2026-01-20",{"date":865,"score":774,"percentile":859},"2026-01-21",{"date":867,"score":774,"percentile":856},"2026-01-22",{"date":869,"score":774,"percentile":870},"2026-01-23",0.99436,{"date":872,"score":774,"percentile":870},"2026-01-24",{"date":874,"score":774,"percentile":870},"2026-01-25",{"date":876,"score":774,"percentile":877},"2026-01-26",0.99437,{"date":879,"score":774,"percentile":880},"2026-01-27",0.99439,{"date":882,"score":774,"percentile":676},"2026-01-28",{"date":884,"score":774,"percentile":676},"2026-01-29",{"date":886,"score":774,"percentile":877},"2026-01-30",{"date":888,"score":774,"percentile":676},"2026-01-31",{"date":890,"score":818,"percentile":880},"2026-02-01",[892],{"source":609,"cvss_v2_0":893,"cvss_v3_0":896,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":607,"baseSeverity":9,"vectorString":610,"impactScore":894,"exploitabilityScore":895},6.4,10,{"baseScore":897,"baseSeverity":898,"vectorString":899,"impactScore":900,"exploitabilityScore":895},7.3,"HIGH","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",5.7,[902,911,1056],{"ecosystem":9,"name":903,"vendor":904,"product":905,"cpe_part":906,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":907},"debian linux","debian","debian_linux","o",[908],{"version":909,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"ecosystem":9,"name":912,"vendor":913,"product":912,"cpe_part":914,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":915},"rails","rubyonrails","a",[916,918,920,922,924,926,928,930,932,934,936,938,940,942,944,946,948,950,952,954,956,958,960,962,964,966,968,970,972,974,976,978,980,982,984,986,988,990,992,994,996,998,1000,1002,1004,1006,1008,1010,1012,1014,1016,1018,1020,1022,1024,1026,1028,1030,1032,1034,1036,1038,1040,1042,1044,1046,1048,1050,1052,1054],{"version":917,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0",{"version":919,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:beta",{"version":921,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:rc1",{"version":923,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:rc2",{"version":925,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.1",{"version":927,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.1:rc1",{"version":929,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.1:rc2",{"version":931,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.1:rc3",{"version":933,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.1:rc4",{"version":935,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.2",{"version":937,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.3",{"version":939,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.4",{"version":941,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.4:rc1",{"version":943,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.5",{"version":945,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.6",{"version":947,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.6:rc1",{"version":949,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.6:rc2",{"version":951,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.6:rc3",{"version":953,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.7",{"version":955,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.8",{"version":957,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.9",{"version":959,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.10:rc1",{"version":961,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.0",{"version":963,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.0:beta1",{"version":965,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.0:beta2",{"version":967,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.0:rc1",{"version":969,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.0:rc2",{"version":971,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.1",{"version":973,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.2",{"version":975,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.2:rc1",{"version":977,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.2:rc2",{"version":979,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.2:rc3",{"version":981,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.3",{"version":983,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.4",{"version":985,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.5",{"version":987,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.6:rc1",{"version":989,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.6:rc2",{"version":991,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.7",{"version":993,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.7.1",{"version":995,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.8",{"version":997,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.9:rc1",{"version":999,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.10:rc1",{"version":1001,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.10:rc2",{"version":1003,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.10:rc3",{"version":1005,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.10:rc4",{"version":1007,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.12:rc1",{"version":1009,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.13:rc1",{"version":1011,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.14:rc1",{"version":1013,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.14:rc2",{"version":1015,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.0:beta1",{"version":1017,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.0:beta2",{"version":1019,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.0:beta3",{"version":1021,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.0:beta4",{"version":1023,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.0:rc1",{"version":1025,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.0:rc2",{"version":1027,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.0:rc3",{"version":1029,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.1",{"version":1031,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.1:rc1",{"version":1033,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.1:rc2",{"version":1035,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.1:rc3",{"version":1037,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.1:rc4",{"version":1039,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.2",{"version":1041,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.3",{"version":1043,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.3:rc1",{"version":1045,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.4",{"version":1047,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.4:rc1",{"version":1049,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.5",{"version":1051,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.5:rc1",{"version":1053,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.5:rc2",{"version":1055,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.5.1",{"ecosystem":9,"name":1057,"vendor":913,"product":1058,"cpe_part":914,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1059},"ruby on rails","ruby_on_rails",[1060,1064],{"version":1061,"is_range":539,"range_type":910,"version_start":9,"version_start_type":9,"version_end":1062,"version_end_type":1063,"fixed_in":9},"lte3.2.22.1","3.2.22.1","including",{"version":1065,"is_range":553,"range_type":910,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.14.1"]