[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-16395":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":54,"related":55,"reserved_at":9,"published_at":61,"modified_at":62,"state":63,"summary":64,"references_raw":73,"kevs":166,"epss":167,"epss_history":170,"metrics":422,"affected":431},"CVE-2018-16395","An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[],[],[],[22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52],{"_key":23},"ALPINE-CVE-2018-16395",{"_key":25},"RHSA-2018:3738",{"_key":27},"RHSA-2019:1948",{"_key":29},"RHSA-2019:2565",{"_key":31},"SUSE-SU-2019:1804-1",{"_key":33},"SUSE-SU-2020:1570-1",{"_key":35},"SUSE-SU-2022:15034-1",{"_key":37},"OPENSUSE-SU-2019:1771-1",{"_key":39},"DLA-1558-1",{"_key":41},"DSA-4332-1",{"_key":43},"MGASA-2018-0411",{"_key":45},"RHSA-2018:3729",{"_key":47},"RHSA-2018:3730",{"_key":49},"RHSA-2018:3731",{"_key":51},"UBUNTU-CVE-2018-16395",{"_key":53},"USN-3808-1",[],[56,57,58,59,60],{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":43},"2018-11-16T18:00:00.000Z","2024-08-05T10:24:32.106Z","Modified",{"cisa_kev":65,"cisa_ransomware":65,"cisa_vendor":9,"epss_severity":66,"epss_score":67,"severity":68,"severity_score":69,"severity_version":70,"severity_source":71,"severity_vector":72,"severity_status":63},false,"low",0.0421,"critical",9.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[74,82,88,93,97,103,107,111,115,120,125,129,133,137,143,149,154,158,162],{"url":75,"sources":76,"tags":78},"https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/",[77,71],"cve.org",[79,80,81],"X Refsource CONFIRM","Mitigation","Vendor Advisory",{"url":83,"sources":84,"tags":85},"https://access.redhat.com/errata/RHSA-2018:3738",[77,71],[81,86,87],"X Refsource REDHAT","Third Party Advisory",{"url":89,"sources":90,"tags":91},"https://www.ruby-lang.org/en/news/2018/11/06/ruby-2-6-0-preview3-released/",[77,71],[79,92,81],"Release Notes",{"url":94,"sources":95,"tags":96},"https://access.redhat.com/errata/RHSA-2018:3729",[77,71],[81,86,87],{"url":98,"sources":99,"tags":100},"https://hackerone.com/reports/387250",[77,71],[101,102,87],"X Refsource MISC","Patch",{"url":104,"sources":105,"tags":106},"https://access.redhat.com/errata/RHSA-2018:3730",[77,71],[81,86,87],{"url":108,"sources":109,"tags":110},"https://access.redhat.com/errata/RHSA-2018:3731",[77,71],[81,86,87],{"url":112,"sources":113,"tags":114},"https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-3-8-released/",[77,71],[79,92,81],{"url":116,"sources":117,"tags":118},"https://www.debian.org/security/2018/dsa-4332",[77,71],[81,119,87],"X Refsource DEBIAN",{"url":121,"sources":122,"tags":123},"https://usn.ubuntu.com/3808-1/",[77,71],[81,124,87],"X Refsource UBUNTU",{"url":126,"sources":127,"tags":128},"https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released/",[77,71],[79,92,81],{"url":130,"sources":131,"tags":132},"https://security.netapp.com/advisory/ntap-20190221-0002/",[77,71],[79,87],{"url":134,"sources":135,"tags":136},"https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-5-2-released/",[77,71],[79,92,81],{"url":138,"sources":139,"tags":140},"https://lists.debian.org/debian-lts-announce/2018/10/msg00020.html",[77,71],[141,142,87],"Mailing List","X Refsource MLIST",{"url":144,"sources":145,"tags":146},"http://www.securitytracker.com/id/1042105",[77,71],[147,148,87],"VDB Entry","X Refsource SECTRACK",{"url":150,"sources":151,"tags":152},"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html",[77,71],[81,153,141,87],"X Refsource SUSE",{"url":155,"sources":156,"tags":157},"https://access.redhat.com/errata/RHSA-2019:1948",[77,71],[81,86,87],{"url":159,"sources":160,"tags":161},"https://access.redhat.com/errata/RHSA-2019:2565",[77,71],[81,86],{"url":163,"sources":164,"tags":165},"https://www.oracle.com/security-alerts/cpujan2020.html",[77,71],[101],[],{"date":168,"score":67,"percentile":169},"2026-06-04",0.88934,[171,175,177,180,182,185,187,190,193,196,199,202,205,208,210,214,217,220,223,225,228,231,234,236,238,240,243,246,250,253,255,258,261,263,265,267,270,273,276,279,282,284,287,290,293,296,299,301,304,307,309,312,315,317,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363,365,368,370,372,375,378,381,384,387,389,392,395,398,401,404,406,408,411,414,417,419],{"date":172,"score":173,"percentile":174},"2025-11-04",0.04424,0.88505,{"date":176,"score":173,"percentile":174},"2025-11-05",{"date":178,"score":173,"percentile":179},"2025-11-06",0.88499,{"date":181,"score":173,"percentile":174},"2025-11-07",{"date":183,"score":173,"percentile":184},"2025-11-08",0.88508,{"date":186,"score":173,"percentile":174},"2025-11-09",{"date":188,"score":173,"percentile":189},"2025-11-10",0.88504,{"date":191,"score":173,"percentile":192},"2025-11-11",0.88509,{"date":194,"score":173,"percentile":195},"2025-11-12",0.88516,{"date":197,"score":173,"percentile":198},"2025-11-13",0.8852,{"date":200,"score":173,"percentile":201},"2025-11-14",0.88524,{"date":203,"score":173,"percentile":204},"2025-11-15",0.88519,{"date":206,"score":173,"percentile":207},"2025-11-16",0.88523,{"date":209,"score":173,"percentile":204},"2025-11-17",{"date":211,"score":212,"percentile":213},"2025-11-18",0.05969,0.89736,{"date":215,"score":212,"percentile":216},"2025-11-19",0.8974,{"date":218,"score":212,"percentile":219},"2025-11-20",0.89743,{"date":221,"score":173,"percentile":222},"2025-11-21",0.88533,{"date":224,"score":173,"percentile":222},"2025-11-22",{"date":226,"score":173,"percentile":227},"2025-11-23",0.88528,{"date":229,"score":173,"percentile":230},"2025-11-24",0.88529,{"date":232,"score":173,"percentile":233},"2025-11-25",0.88531,{"date":235,"score":173,"percentile":230},"2025-11-26",{"date":237,"score":173,"percentile":233},"2025-11-27",{"date":239,"score":173,"percentile":207},"2025-11-28",{"date":241,"score":173,"percentile":242},"2025-11-29",0.88595,{"date":244,"score":173,"percentile":245},"2025-11-30",0.88591,{"date":247,"score":248,"percentile":249},"2025-12-01",0.04781,0.89109,{"date":251,"score":248,"percentile":252},"2025-12-02",0.89111,{"date":254,"score":248,"percentile":249},"2025-12-03",{"date":256,"score":173,"percentile":257},"2025-12-04",0.88592,{"date":259,"score":173,"percentile":260},"2025-12-05",0.88594,{"date":262,"score":173,"percentile":242},"2025-12-06",{"date":264,"score":173,"percentile":260},"2025-12-07",{"date":266,"score":173,"percentile":242},"2025-12-08",{"date":268,"score":173,"percentile":269},"2025-12-09",0.88605,{"date":271,"score":173,"percentile":272},"2025-12-10",0.88622,{"date":274,"score":173,"percentile":275},"2025-12-11",0.88623,{"date":277,"score":173,"percentile":278},"2025-12-12",0.88626,{"date":280,"score":173,"percentile":281},"2025-12-13",0.88627,{"date":283,"score":173,"percentile":278},"2025-12-14",{"date":285,"score":173,"percentile":286},"2025-12-15",0.88629,{"date":288,"score":173,"percentile":289},"2025-12-16",0.8863,{"date":291,"score":173,"percentile":292},"2025-12-17",0.88634,{"date":294,"score":173,"percentile":295},"2025-12-18",0.88641,{"date":297,"score":173,"percentile":298},"2025-12-19",0.8864,{"date":300,"score":173,"percentile":295},"2025-12-20",{"date":302,"score":173,"percentile":303},"2025-12-21",0.88649,{"date":305,"score":173,"percentile":306},"2025-12-22",0.88647,{"date":308,"score":173,"percentile":303},"2025-12-23",{"date":310,"score":173,"percentile":311},"2025-12-24",0.88656,{"date":313,"score":173,"percentile":314},"2025-12-25",0.88666,{"date":316,"score":173,"percentile":314},"2025-12-26",{"date":318,"score":319,"percentile":320},"2025-12-27",0.05305,0.89744,{"date":322,"score":173,"percentile":323},"2025-12-28",0.88658,{"date":325,"score":173,"percentile":326},"2025-12-29",0.88655,{"date":328,"score":173,"percentile":329},"2025-12-30",0.88662,{"date":331,"score":173,"percentile":332},"2025-12-31",0.88671,{"date":334,"score":248,"percentile":335},"2026-01-01",0.8919,{"date":337,"score":248,"percentile":338},"2026-01-02",0.89185,{"date":340,"score":248,"percentile":341},"2026-01-03",0.89183,{"date":343,"score":173,"percentile":344},"2026-01-04",0.88664,{"date":346,"score":173,"percentile":347},"2026-01-05",0.8866,{"date":349,"score":173,"percentile":350},"2026-01-06",0.88665,{"date":352,"score":173,"percentile":353},"2026-01-07",0.88667,{"date":355,"score":173,"percentile":356},"2026-01-08",0.88673,{"date":358,"score":173,"percentile":359},"2026-01-09",0.88678,{"date":361,"score":173,"percentile":362},"2026-01-10",0.8868,{"date":364,"score":173,"percentile":356},"2026-01-11",{"date":366,"score":173,"percentile":367},"2026-01-12",0.8867,{"date":369,"score":173,"percentile":353},"2026-01-13",{"date":371,"score":173,"percentile":362},"2026-01-14",{"date":373,"score":173,"percentile":374},"2026-01-15",0.88683,{"date":376,"score":173,"percentile":377},"2026-01-16",0.88691,{"date":379,"score":173,"percentile":380},"2026-01-17",0.88692,{"date":382,"score":173,"percentile":383},"2026-01-18",0.8869,{"date":385,"score":173,"percentile":386},"2026-01-19",0.88689,{"date":388,"score":173,"percentile":380},"2026-01-20",{"date":390,"score":173,"percentile":391},"2026-01-21",0.88698,{"date":393,"score":173,"percentile":394},"2026-01-22",0.88701,{"date":396,"score":173,"percentile":397},"2026-01-23",0.88713,{"date":399,"score":173,"percentile":400},"2026-01-24",0.88722,{"date":402,"score":173,"percentile":403},"2026-01-25",0.88719,{"date":405,"score":173,"percentile":400},"2026-01-26",{"date":407,"score":173,"percentile":400},"2026-01-27",{"date":409,"score":173,"percentile":410},"2026-01-28",0.88724,{"date":412,"score":173,"percentile":413},"2026-01-29",0.88729,{"date":415,"score":173,"percentile":416},"2026-01-30",0.88732,{"date":418,"score":173,"percentile":413},"2026-01-31",{"date":420,"score":248,"percentile":421},"2026-02-01",0.89244,[423],{"source":71,"cvss_v2_0":424,"cvss_v3_0":429,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":425,"baseSeverity":9,"vectorString":426,"impactScore":427,"exploitabilityScore":428},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":69,"baseSeverity":430,"vectorString":72,"impactScore":69,"exploitabilityScore":428},"CRITICAL",[432,447,456,463,473],{"ecosystem":9,"name":433,"vendor":434,"product":435,"cpe_part":436,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":437},"ubuntu linux","canonical","ubuntu_linux","o",[438,441,443,445],{"version":439,"is_range":65,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":442,"is_range":65,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":444,"is_range":65,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":446,"is_range":65,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":448,"vendor":449,"product":450,"cpe_part":436,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":451},"debian linux","debian","debian_linux",[452,454],{"version":453,"is_range":65,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":455,"is_range":65,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":457,"vendor":458,"product":459,"cpe_part":436,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":460},"enterprise linux","redhat","enterprise_linux",[461],{"version":462,"is_range":65,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.4",{"ecosystem":9,"name":464,"vendor":465,"product":464,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":467},"openssl","ruby-lang","a",[468],{"version":469,"is_range":470,"range_type":440,"version_start":9,"version_start_type":9,"version_end":471,"version_end_type":472,"fixed_in":9},"lt2.1.2",true,"2.1.2","excluding",{"ecosystem":9,"name":474,"vendor":465,"product":474,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":475},"ruby",[476,481,485,489,491],{"version":477,"is_range":470,"range_type":440,"version_start":478,"version_start_type":479,"version_end":480,"version_end_type":479,"fixed_in":9},"gte2.3.0_lte2.3.7","2.3.0","including","2.3.7",{"version":482,"is_range":470,"range_type":440,"version_start":483,"version_start_type":479,"version_end":484,"version_end_type":479,"fixed_in":9},"gte2.4.0_lte2.4.4","2.4.0","2.4.4",{"version":486,"is_range":470,"range_type":440,"version_start":487,"version_start_type":479,"version_end":488,"version_end_type":479,"fixed_in":9},"gte2.5.0_lte2.5.1","2.5.0","2.5.1",{"version":490,"is_range":65,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.6.0:preview1",{"version":492,"is_range":65,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.6.0:preview2"]