[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-7798":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":152,"aliases":162,"duplicate_of":9,"upstream":163,"downstream":164,"duplicates":179,"related":180,"reserved_at":9,"published_at":183,"modified_at":184,"state":185,"summary":186,"references_raw":194,"kevs":237,"epss":238,"epss_history":241,"metrics":506,"affected":516},"CVE-2016-7798","The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-326","Inadequate Encryption Strength","The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.","weakness","Draft","Class",[19,144,148],{"id":20,"name":21,"techniques":22},"CAPEC-112","Brute Force",[23],{"id":24,"name":21,"tactics":25,"countermeasures":29},"T1110",[26],{"id":27,"name":28},"TA0031","Credential Access",[30,35,39,43,47,51,55,59,63,67,71,75,79,83,88,92,97,102,106,110,114,118,122,126,130,135,140],{"id":31,"name":32,"tactic":33},"D3-CCSA","Credential Compromise Scope Analysis",{"name":34},"Detect",{"id":36,"name":37,"tactic":38},"D3-AEM","Application Exception Monitoring",{"name":34},{"id":40,"name":41,"tactic":42},"D3-OPM","Operational Process Monitoring",{"name":34},{"id":44,"name":45,"tactic":46},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":34},{"id":48,"name":49,"tactic":50},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":34},{"id":52,"name":53,"tactic":54},"D3-CSPP","Client-server Payload Profiling",{"name":34},{"id":56,"name":57,"tactic":58},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":34},{"id":60,"name":61,"tactic":62},"D3-NTSA","Network Traffic Signature Analysis",{"name":34},{"id":64,"name":65,"tactic":66},"D3-APCA","Application Protocol Command Analysis",{"name":34},{"id":68,"name":69,"tactic":70},"D3-NTCD","Network Traffic Community Deviation",{"name":34},{"id":72,"name":73,"tactic":74},"D3-RTSD","Remote Terminal Session Detection",{"name":34},{"id":76,"name":77,"tactic":78},"D3-CAA","Connection Attempt Analysis",{"name":34},{"id":80,"name":81,"tactic":82},"D3-ANAA","Administrative Network Activity Analysis",{"name":34},{"id":84,"name":85,"tactic":86},"D3-CR","Credential Revocation",{"name":87},"Evict",{"id":89,"name":90,"tactic":91},"D3-ANCI","Authentication Cache Invalidation",{"name":87},{"id":93,"name":94,"tactic":95},"D3-DUC","Decoy User Credential",{"name":96},"Deceive",{"id":98,"name":99,"tactic":100},"D3-CH","Credential Hardening",{"name":101},"Harden",{"id":103,"name":104,"tactic":105},"D3-MFA","Multi-factor Authentication",{"name":101},{"id":107,"name":108,"tactic":109},"D3-CRO","Credential Rotation",{"name":101},{"id":111,"name":112,"tactic":113},"D3-PR","Password Rotation",{"name":101},{"id":115,"name":116,"tactic":117},"D3-PWA","Password Authentication",{"name":101},{"id":119,"name":120,"tactic":121},"D3-CDP","Change Default Password",{"name":101},{"id":123,"name":124,"tactic":125},"D3-SPP","Strong Password Policy",{"name":101},{"id":127,"name":128,"tactic":129},"D3-OTP","One-time Password",{"name":101},{"id":131,"name":132,"tactic":133},"D3-RIC","Reissue Credential",{"name":134},"Restore",{"id":136,"name":137,"tactic":138},"D3-CTS","Credential Transmission Scoping",{"name":139},"Isolate",{"id":141,"name":142,"tactic":143},"D3-NTF","Network Traffic Filtering",{"name":139},{"id":145,"name":146,"techniques":147},"CAPEC-192","Protocol Analysis",[],{"id":149,"name":150,"techniques":151},"CAPEC-20","Encryption Brute Forcing",[],[153],{"_key":154,"name":155,"source":156,"url":157,"maturity":158,"reliability_score":159,"verified":160,"type":9,"platforms":161,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_RUBY_OPENSSL","Openssl","github","https://github.com/ruby/openssl/issues/49","poc",0.3,false,[],[],[],[165,167,169,171,173,175,177],{"_key":166},"SUSE-SU-2020:1570-1",{"_key":168},"DLA-1421-1",{"_key":170},"DSA-3966-1",{"_key":172},"MGASA-2016-0342",{"_key":174},"UBUNTU-CVE-2016-7798",{"_key":176},"USN-3365-1",{"_key":178},"DEBIAN-CVE-2016-7798",[],[181,182],{"_key":166},{"_key":172},"2017-01-30T22:00:00.000Z","2024-08-06T02:04:56.020Z","Modified",{"cisa_kev":160,"cisa_ransomware":160,"cisa_vendor":9,"epss_severity":187,"epss_score":188,"severity":189,"severity_score":190,"severity_version":191,"severity_source":192,"severity_vector":193,"severity_status":185},"low",0.00557,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[195,204,210,215,219,223,227,233],{"url":196,"sources":197,"tags":199},"http://www.openwall.com/lists/oss-security/2016/09/30/6",[198,192],"cve.org",[200,201,202,203],"Mailing List","X Refsource MLIST","Patch","Third Party Advisory",{"url":205,"sources":206,"tags":207},"https://www.debian.org/security/2017/dsa-3966",[198,192],[208,209,203],"Vendor Advisory","X Refsource DEBIAN",{"url":211,"sources":212,"tags":213},"https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062",[198,192],[214,202,203],"X Refsource CONFIRM",{"url":216,"sources":217,"tags":218},"http://www.openwall.com/lists/oss-security/2016/10/01/2",[198,192],[200,201,203],{"url":220,"sources":221,"tags":222},"https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html",[198,192],[200,201,203],{"url":224,"sources":225,"tags":226},"http://www.openwall.com/lists/oss-security/2016/09/19/9",[198,192],[200,201,203],{"url":228,"sources":229,"tags":230},"http://www.securityfocus.com/bid/93031",[198,192],[231,232,203],"VDB Entry","X Refsource BID",{"url":157,"sources":234,"tags":235},[198,192],[214,236,203],"Exploit",[],{"date":239,"score":188,"percentile":240},"2026-06-04",0.68537,[242,246,249,252,255,258,261,264,267,270,273,276,279,282,284,287,290,293,296,299,301,304,306,309,312,315,318,321,325,328,331,334,337,340,343,346,349,352,355,358,361,364,366,369,372,375,378,380,383,386,388,391,394,397,400,403,406,409,412,415,418,421,424,427,429,432,435,438,440,443,446,449,452,455,458,461,464,467,470,474,477,480,483,486,489,492,494,496,499,502],{"date":243,"score":244,"percentile":245},"2025-11-04",0.00597,0.68489,{"date":247,"score":244,"percentile":248},"2025-11-05",0.68473,{"date":250,"score":244,"percentile":251},"2025-11-06",0.68475,{"date":253,"score":244,"percentile":254},"2025-11-07",0.68486,{"date":256,"score":244,"percentile":257},"2025-11-08",0.68488,{"date":259,"score":244,"percentile":260},"2025-11-09",0.68481,{"date":262,"score":244,"percentile":263},"2025-11-10",0.68469,{"date":265,"score":244,"percentile":266},"2025-11-11",0.68479,{"date":268,"score":244,"percentile":269},"2025-11-12",0.68503,{"date":271,"score":244,"percentile":272},"2025-11-13",0.68511,{"date":274,"score":244,"percentile":275},"2025-11-14",0.68518,{"date":277,"score":244,"percentile":278},"2025-11-15",0.68516,{"date":280,"score":244,"percentile":281},"2025-11-16",0.68513,{"date":283,"score":244,"percentile":281},"2025-11-17",{"date":285,"score":244,"percentile":286},"2025-11-18",0.66853,{"date":288,"score":244,"percentile":289},"2025-11-19",0.6686,{"date":291,"score":244,"percentile":292},"2025-11-20",0.66852,{"date":294,"score":244,"percentile":295},"2025-11-21",0.68529,{"date":297,"score":244,"percentile":298},"2025-11-22",0.68527,{"date":300,"score":244,"percentile":275},"2025-11-23",{"date":302,"score":244,"percentile":303},"2025-11-24",0.68506,{"date":305,"score":244,"percentile":281},"2025-11-25",{"date":307,"score":244,"percentile":308},"2025-11-26",0.6852,{"date":310,"score":244,"percentile":311},"2025-11-27",0.68521,{"date":313,"score":244,"percentile":314},"2025-11-28",0.68509,{"date":316,"score":244,"percentile":317},"2025-11-29",0.68494,{"date":319,"score":244,"percentile":320},"2025-11-30",0.6849,{"date":322,"score":323,"percentile":324},"2025-12-01",0.00512,0.65744,{"date":326,"score":323,"percentile":327},"2025-12-02",0.6576,{"date":329,"score":323,"percentile":330},"2025-12-03",0.65758,{"date":332,"score":244,"percentile":333},"2025-12-04",0.68483,{"date":335,"score":244,"percentile":336},"2025-12-05",0.68499,{"date":338,"score":244,"percentile":339},"2025-12-06",0.68504,{"date":341,"score":244,"percentile":342},"2025-12-07",0.685,{"date":344,"score":244,"percentile":345},"2025-12-08",0.68505,{"date":347,"score":244,"percentile":348},"2025-12-09",0.68534,{"date":350,"score":244,"percentile":351},"2025-12-10",0.68578,{"date":353,"score":244,"percentile":354},"2025-12-11",0.68597,{"date":356,"score":244,"percentile":357},"2025-12-12",0.68624,{"date":359,"score":244,"percentile":360},"2025-12-13",0.68626,{"date":362,"score":244,"percentile":363},"2025-12-14",0.68627,{"date":365,"score":244,"percentile":357},"2025-12-15",{"date":367,"score":244,"percentile":368},"2025-12-16",0.68631,{"date":370,"score":244,"percentile":371},"2025-12-17",0.68641,{"date":373,"score":244,"percentile":374},"2025-12-18",0.68671,{"date":376,"score":244,"percentile":377},"2025-12-19",0.68687,{"date":379,"score":244,"percentile":377},"2025-12-20",{"date":381,"score":244,"percentile":382},"2025-12-21",0.68672,{"date":384,"score":244,"percentile":385},"2025-12-22",0.68676,{"date":387,"score":244,"percentile":374},"2025-12-23",{"date":389,"score":244,"percentile":390},"2025-12-24",0.6868,{"date":392,"score":244,"percentile":393},"2025-12-25",0.68709,{"date":395,"score":244,"percentile":396},"2025-12-26",0.6871,{"date":398,"score":244,"percentile":399},"2025-12-27",0.68752,{"date":401,"score":244,"percentile":402},"2025-12-28",0.68681,{"date":404,"score":244,"percentile":405},"2025-12-29",0.68674,{"date":407,"score":244,"percentile":408},"2025-12-30",0.68688,{"date":410,"score":244,"percentile":411},"2025-12-31",0.68704,{"date":413,"score":323,"percentile":414},"2026-01-01",0.66022,{"date":416,"score":323,"percentile":417},"2026-01-02",0.66004,{"date":419,"score":323,"percentile":420},"2026-01-03",0.66006,{"date":422,"score":244,"percentile":423},"2026-01-04",0.68708,{"date":425,"score":244,"percentile":426},"2026-01-05",0.68697,{"date":428,"score":244,"percentile":423},"2026-01-06",{"date":430,"score":244,"percentile":431},"2026-01-07",0.68725,{"date":433,"score":244,"percentile":434},"2026-01-08",0.68741,{"date":436,"score":244,"percentile":437},"2026-01-09",0.68749,{"date":439,"score":244,"percentile":437},"2026-01-10",{"date":441,"score":244,"percentile":442},"2026-01-11",0.6874,{"date":444,"score":244,"percentile":445},"2026-01-12",0.68732,{"date":447,"score":244,"percentile":448},"2026-01-13",0.68731,{"date":450,"score":244,"percentile":451},"2026-01-14",0.68763,{"date":453,"score":244,"percentile":454},"2026-01-15",0.68769,{"date":456,"score":244,"percentile":457},"2026-01-16",0.68784,{"date":459,"score":244,"percentile":460},"2026-01-17",0.68773,{"date":462,"score":244,"percentile":463},"2026-01-18",0.6876,{"date":465,"score":244,"percentile":466},"2026-01-19",0.68751,{"date":468,"score":244,"percentile":469},"2026-01-20",0.68762,{"date":471,"score":472,"percentile":473},"2026-01-21",0.00792,0.73399,{"date":475,"score":472,"percentile":476},"2026-01-22",0.73405,{"date":478,"score":472,"percentile":479},"2026-01-23",0.73435,{"date":481,"score":472,"percentile":482},"2026-01-24",0.73443,{"date":484,"score":472,"percentile":485},"2026-01-25",0.73427,{"date":487,"score":472,"percentile":488},"2026-01-26",0.73424,{"date":490,"score":472,"percentile":491},"2026-01-27",0.73429,{"date":493,"score":472,"percentile":482},"2026-01-28",{"date":495,"score":472,"percentile":482},"2026-01-29",{"date":497,"score":472,"percentile":498},"2026-01-30",0.7345,{"date":500,"score":472,"percentile":501},"2026-01-31",0.73455,{"date":503,"score":504,"percentile":505},"2026-02-01",0.0068,0.7122,[507],{"source":192,"cvss_v2_0":508,"cvss_v3_0":9,"cvss_v3_1":513,"cvss_v4_0":9},{"baseScore":509,"baseSeverity":9,"vectorString":510,"impactScore":511,"exploitabilityScore":512},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":190,"baseSeverity":514,"vectorString":193,"impactScore":515,"exploitabilityScore":512},"HIGH",6,[517,528],{"ecosystem":9,"name":518,"vendor":519,"product":520,"cpe_part":521,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":522},"debian linux","debian","debian_linux","o",[523,526],{"version":524,"is_range":160,"range_type":525,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"version":527,"is_range":160,"range_type":525,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":529,"vendor":530,"product":529,"cpe_part":531,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":532},"openssl","ruby-lang","a",[533],{"version":534,"is_range":535,"range_type":525,"version_start":9,"version_start_type":9,"version_end":536,"version_end_type":537,"fixed_in":9},"lt2.0.0",true,"2.0.0","excluding"]