[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-31799":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":40,"aliases":41,"duplicate_of":9,"upstream":42,"downstream":43,"duplicates":100,"related":101,"reserved_at":9,"published_at":115,"modified_at":116,"state":117,"summary":118,"references_raw":126,"kevs":156,"epss":157,"epss_history":160,"metrics":421,"affected":434},"CVE-2021-31799","In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-78","Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-108","Command Line Execution through SQL Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-15","Command Delimiters",[],{"id":29,"name":30,"techniques":31},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":33,"name":34,"techniques":35},"CAPEC-6","Argument Injection",[],{"id":37,"name":38,"techniques":39},"CAPEC-88","OS Command Injection",[],[],[],[],[44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98],{"_key":45},"ALPINE-CVE-2021-31799",{"_key":47},"SUSE-SU-2021:3837-1",{"_key":49},"SUSE-SU-2021:3838-1",{"_key":51},"SUSE-SU-2022:1512-1",{"_key":53},"OPENSUSE-SU-2021:1535-1",{"_key":55},"OPENSUSE-SU-2021:3838-1",{"_key":57},"OPENSUSE-SU-2024:11622-1",{"_key":59},"OPENSUSE-SU-2024:11623-1",{"_key":61},"OPENSUSE-SU-2024:11786-1",{"_key":63},"OPENSUSE-SU-2024:12712-1",{"_key":65},"OPENSUSE-SU-2024:13623-1",{"_key":67},"OPENSUSE-SU-2025:14621-1",{"_key":69},"OPENSUSE-SU-2025:15819-1",{"_key":71},"DLA-2780-1",{"_key":73},"DSA-5066-1",{"_key":75},"MGASA-2021-0579",{"_key":77},"RHSA-2021:3020",{"_key":79},"RHSA-2021:3559",{"_key":81},"RHSA-2021:3982",{"_key":83},"RHSA-2022:0672",{"_key":85},"UBUNTU-CVE-2021-31799",{"_key":87},"DEBIAN-CVE-2021-31799",{"_key":89},"RHSA-2022:0543",{"_key":91},"RHSA-2022:0544",{"_key":93},"RHSA-2022:0581",{"_key":95},"RHSA-2022:0582",{"_key":97},"RHSA-2022:0708",{"_key":99},"USN-5020-1",[],[102,103,104,105,106,107,108,109,110,111,112,113,114],{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":75},"2021-07-29T00:00:00.000Z","2024-10-15T20:28:31.276Z","Modified",{"cisa_kev":119,"cisa_ransomware":119,"cisa_vendor":9,"epss_severity":120,"epss_score":121,"severity":122,"severity_score":4,"severity_version":123,"severity_source":124,"severity_vector":125,"severity_status":117},false,"low",0.00351,"high","v3.1","cve.org","CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",[127,134,139,144,148,152],{"url":128,"sources":129,"tags":131},"https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html",[124,130],"nvd",[132,133],"Mailing List","Third Party Advisory",{"url":135,"sources":136,"tags":137},"https://www.oracle.com/security-alerts/cpuapr2022.html",[124,130],[138,133],"Patch",{"url":140,"sources":141,"tags":142},"https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/",[124,130],[138,143],"Vendor Advisory",{"url":145,"sources":146,"tags":147},"https://security-tracker.debian.org/tracker/CVE-2021-31799",[124,130],[133],{"url":149,"sources":150,"tags":151},"https://security.netapp.com/advisory/ntap-20210902-0004/",[124,130],[133],{"url":153,"sources":154,"tags":155},"https://security.gentoo.org/glsa/202401-05",[124,130],[143],[],{"date":158,"score":121,"percentile":159},"2026-06-04",0.57815,[161,165,168,171,174,177,180,182,185,188,191,194,197,200,203,207,210,213,216,219,221,224,226,228,230,233,235,238,242,245,248,250,253,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,319,322,325,327,330,334,337,340,343,346,349,352,355,358,361,364,366,369,372,375,378,380,382,384,387,390,392,395,398,401,404,406,409,412,415,418],{"date":162,"score":163,"percentile":164},"2025-11-04",0.00439,0.62325,{"date":166,"score":163,"percentile":167},"2025-11-05",0.62312,{"date":169,"score":163,"percentile":170},"2025-11-06",0.62322,{"date":172,"score":163,"percentile":173},"2025-11-07",0.62339,{"date":175,"score":163,"percentile":176},"2025-11-08",0.62344,{"date":178,"score":163,"percentile":179},"2025-11-09",0.62338,{"date":181,"score":163,"percentile":170},"2025-11-10",{"date":183,"score":163,"percentile":184},"2025-11-11",0.62334,{"date":186,"score":163,"percentile":187},"2025-11-12",0.62358,{"date":189,"score":163,"percentile":190},"2025-11-13",0.62364,{"date":192,"score":163,"percentile":193},"2025-11-14",0.62375,{"date":195,"score":163,"percentile":196},"2025-11-15",0.62366,{"date":198,"score":163,"percentile":199},"2025-11-16",0.62357,{"date":201,"score":163,"percentile":202},"2025-11-17",0.62361,{"date":204,"score":205,"percentile":206},"2025-11-18",0.00661,0.68836,{"date":208,"score":205,"percentile":209},"2025-11-19",0.68843,{"date":211,"score":205,"percentile":212},"2025-11-20",0.68848,{"date":214,"score":163,"percentile":215},"2025-11-21",0.62369,{"date":217,"score":163,"percentile":218},"2025-11-22",0.62379,{"date":220,"score":163,"percentile":199},"2025-11-23",{"date":222,"score":163,"percentile":223},"2025-11-24",0.62351,{"date":225,"score":163,"percentile":187},"2025-11-25",{"date":227,"score":163,"percentile":202},"2025-11-26",{"date":229,"score":163,"percentile":196},"2025-11-27",{"date":231,"score":163,"percentile":232},"2025-11-28",0.62346,{"date":234,"score":163,"percentile":170},"2025-11-29",{"date":236,"score":163,"percentile":237},"2025-11-30",0.62314,{"date":239,"score":240,"percentile":241},"2025-12-01",0.00131,0.33379,{"date":243,"score":240,"percentile":244},"2025-12-02",0.33393,{"date":246,"score":240,"percentile":247},"2025-12-03",0.33392,{"date":249,"score":163,"percentile":170},"2025-12-04",{"date":251,"score":163,"percentile":252},"2025-12-05",0.62333,{"date":254,"score":163,"percentile":252},"2025-12-06",{"date":256,"score":121,"percentile":257},"2025-12-07",0.56836,{"date":259,"score":121,"percentile":260},"2025-12-08",0.56837,{"date":262,"score":121,"percentile":263},"2025-12-09",0.5686,{"date":265,"score":121,"percentile":266},"2025-12-10",0.56916,{"date":268,"score":121,"percentile":269},"2025-12-11",0.5694,{"date":271,"score":121,"percentile":272},"2025-12-12",0.56965,{"date":274,"score":121,"percentile":275},"2025-12-13",0.5696,{"date":277,"score":121,"percentile":278},"2025-12-14",0.56961,{"date":280,"score":121,"percentile":281},"2025-12-15",0.56946,{"date":283,"score":121,"percentile":284},"2025-12-16",0.56957,{"date":286,"score":121,"percentile":287},"2025-12-17",0.56974,{"date":289,"score":121,"percentile":290},"2025-12-18",0.57013,{"date":292,"score":121,"percentile":293},"2025-12-19",0.57021,{"date":295,"score":121,"percentile":296},"2025-12-20",0.57019,{"date":298,"score":121,"percentile":299},"2025-12-21",0.56999,{"date":301,"score":121,"percentile":302},"2025-12-22",0.56981,{"date":304,"score":121,"percentile":305},"2025-12-23",0.56987,{"date":307,"score":121,"percentile":308},"2025-12-24",0.56995,{"date":310,"score":121,"percentile":311},"2025-12-25",0.57039,{"date":313,"score":121,"percentile":314},"2025-12-26",0.57034,{"date":316,"score":317,"percentile":318},"2025-12-27",0.00481,0.64533,{"date":320,"score":121,"percentile":321},"2025-12-28",0.57007,{"date":323,"score":121,"percentile":324},"2025-12-29",0.56998,{"date":326,"score":121,"percentile":308},"2025-12-30",{"date":328,"score":121,"percentile":329},"2025-12-31",0.57032,{"date":331,"score":332,"percentile":333},"2026-01-01",0.00142,0.35181,{"date":335,"score":332,"percentile":336},"2026-01-02",0.35174,{"date":338,"score":332,"percentile":339},"2026-01-03",0.35158,{"date":341,"score":121,"percentile":342},"2026-01-04",0.57003,{"date":344,"score":121,"percentile":345},"2026-01-05",0.56991,{"date":347,"score":121,"percentile":348},"2026-01-06",0.57001,{"date":350,"score":121,"percentile":351},"2026-01-07",0.57026,{"date":353,"score":121,"percentile":354},"2026-01-08",0.57047,{"date":356,"score":121,"percentile":357},"2026-01-09",0.57049,{"date":359,"score":121,"percentile":360},"2026-01-10",0.57046,{"date":362,"score":121,"percentile":363},"2026-01-11",0.57025,{"date":365,"score":121,"percentile":345},"2026-01-12",{"date":367,"score":121,"percentile":368},"2026-01-13",0.56962,{"date":370,"score":121,"percentile":371},"2026-01-14",0.57004,{"date":373,"score":121,"percentile":374},"2026-01-15",0.57008,{"date":376,"score":121,"percentile":377},"2026-01-16",0.57035,{"date":379,"score":121,"percentile":351},"2026-01-17",{"date":381,"score":121,"percentile":363},"2026-01-18",{"date":383,"score":121,"percentile":374},"2026-01-19",{"date":385,"score":121,"percentile":386},"2026-01-20",0.5701,{"date":388,"score":121,"percentile":389},"2026-01-21",0.57016,{"date":391,"score":121,"percentile":389},"2026-01-22",{"date":393,"score":121,"percentile":394},"2026-01-23",0.5706,{"date":396,"score":121,"percentile":397},"2026-01-24",0.57065,{"date":399,"score":121,"percentile":400},"2026-01-25",0.57028,{"date":402,"score":121,"percentile":403},"2026-01-26",0.57014,{"date":405,"score":121,"percentile":363},"2026-01-27",{"date":407,"score":121,"percentile":408},"2026-01-28",0.57038,{"date":410,"score":121,"percentile":411},"2026-01-29",0.57037,{"date":413,"score":121,"percentile":414},"2026-01-30",0.57041,{"date":416,"score":121,"percentile":417},"2026-01-31",0.57042,{"date":419,"score":332,"percentile":420},"2026-02-01",0.3477,[422,427],{"source":124,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":423,"cvss_v4_0":9},{"baseScore":4,"baseSeverity":424,"vectorString":125,"impactScore":425,"exploitabilityScore":426},"HIGH",9.8,2.6,{"source":130,"cvss_v2_0":428,"cvss_v3_0":9,"cvss_v3_1":433,"cvss_v4_0":9},{"baseScore":429,"baseSeverity":9,"vectorString":430,"impactScore":431,"exploitabilityScore":432},4.4,"AV:L/AC:M/Au:N/C:P/I:P/A:P",6.4,3.4,{"baseScore":4,"baseSeverity":424,"vectorString":125,"impactScore":425,"exploitabilityScore":426},[435,446,457],{"ecosystem":9,"name":436,"vendor":437,"product":438,"cpe_part":439,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":440},"debian linux","debian","debian_linux","o",[441,444],{"version":442,"is_range":119,"range_type":443,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0","cpe",{"version":445,"is_range":119,"range_type":443,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"ecosystem":9,"name":447,"vendor":448,"product":449,"cpe_part":450,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":451},"jd edwards enterpriseone tools","oracle","jd_edwards_enterpriseone_tools","a",[452],{"version":453,"is_range":454,"range_type":443,"version_start":9,"version_start_type":9,"version_end":455,"version_end_type":456,"fixed_in":9},"lt9.2.6.1",true,"9.2.6.1","excluding",{"ecosystem":9,"name":458,"vendor":459,"product":458,"cpe_part":450,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":460},"rdoc","ruby-lang",[461],{"version":462,"is_range":454,"range_type":443,"version_start":463,"version_start_type":464,"version_end":465,"version_end_type":456,"fixed_in":9},"gte3.11_lt6.3.1","3.11","including","6.3.1"]