[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-41816":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":34,"duplicate_of":9,"upstream":35,"downstream":36,"duplicates":67,"related":68,"reserved_at":9,"published_at":81,"modified_at":82,"state":83,"summary":84,"references_raw":92,"kevs":125,"epss":126,"epss_history":129,"metrics":393,"affected":402},"CVE-2021-41816","CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],[25],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_1D12F07D0837B909","Exploit Reference (ruby-lang.org)","reference","https://www.ruby-lang.org/en/news/2021/11/24/buffer-overrun-in-cgi-escape_html-cve-2021-41816/","unknown",0.2,false,[],[],[],[37,39,41,43,45,47,49,51,53,55,57,59,61,63,65],{"_key":38},"ALPINE-CVE-2021-41816",{"_key":40},"OPENSUSE-SU-2024:11657-1",{"_key":42},"OPENSUSE-SU-2024:11658-1",{"_key":44},"OPENSUSE-SU-2024:11786-1",{"_key":46},"OPENSUSE-SU-2024:12712-1",{"_key":48},"OPENSUSE-SU-2024:13623-1",{"_key":50},"OPENSUSE-SU-2025:14621-1",{"_key":52},"OPENSUSE-SU-2025:15819-1",{"_key":54},"DSA-5067-1",{"_key":56},"MGASA-2021-0579",{"_key":58},"UBUNTU-CVE-2021-41816",{"_key":60},"DEBIAN-CVE-2021-41816",{"_key":62},"RHSA-2022:6855",{"_key":64},"RHSA-2022:6856",{"_key":66},"USN-5235-1",[],[69,70,71,72,73,74,75,76,77,79],{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":50},{"_key":52},{"_key":56},{"_key":78},"CGA-RWV5-454X-4XJP",{"_key":80},"CGA-69X2-22V3-4FGQ","2022-02-06T00:00:00.000Z","2024-08-04T03:22:24.883Z","Modified",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":85,"epss_score":86,"severity":87,"severity_score":88,"severity_version":89,"severity_source":90,"severity_vector":91,"severity_status":83},"low",0.00483,"critical",9.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[93,100,105,109,113,117,121],{"url":94,"sources":95,"tags":97},"https://hackerone.com/reports/1328463",[96,90],"cve.org",[98,99],"Permissions Required","Third Party Advisory",{"url":29,"sources":101,"tags":102},[96,90],[103,104],"Exploit","Vendor Advisory",{"url":106,"sources":107,"tags":108},"https://security-tracker.debian.org/tracker/CVE-2021-41816",[96,90],[99],{"url":110,"sources":111,"tags":112},"https://security.netapp.com/advisory/ntap-20220303-0006/",[96,90],[99],{"url":114,"sources":115,"tags":116},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/",[96,90],[104],{"url":118,"sources":119,"tags":120},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/",[96,90],[104],{"url":122,"sources":123,"tags":124},"https://security.gentoo.org/glsa/202401-27",[96,90],[104],[],{"date":127,"score":86,"percentile":128},"2026-06-04",0.65544,[130,134,137,140,143,146,149,151,154,157,160,163,166,169,171,175,178,181,184,187,190,192,195,198,200,203,206,209,213,216,219,222,224,226,229,231,234,237,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,289,292,294,297,300,303,306,309,312,315,318,321,324,327,330,333,336,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,383,385,387,390],{"date":131,"score":132,"percentile":133},"2025-11-04",0.00905,0.74998,{"date":135,"score":132,"percentile":136},"2025-11-05",0.74991,{"date":138,"score":132,"percentile":139},"2025-11-06",0.74989,{"date":141,"score":132,"percentile":142},"2025-11-07",0.75006,{"date":144,"score":132,"percentile":145},"2025-11-08",0.75007,{"date":147,"score":132,"percentile":148},"2025-11-09",0.75004,{"date":150,"score":132,"percentile":139},"2025-11-10",{"date":152,"score":132,"percentile":153},"2025-11-11",0.7499,{"date":155,"score":132,"percentile":156},"2025-11-12",0.75009,{"date":158,"score":132,"percentile":159},"2025-11-13",0.75016,{"date":161,"score":132,"percentile":162},"2025-11-14",0.7502,{"date":164,"score":132,"percentile":165},"2025-11-15",0.75019,{"date":167,"score":132,"percentile":168},"2025-11-16",0.75017,{"date":170,"score":132,"percentile":142},"2025-11-17",{"date":172,"score":173,"percentile":174},"2025-11-18",0.04691,0.88265,{"date":176,"score":173,"percentile":177},"2025-11-19",0.88268,{"date":179,"score":173,"percentile":180},"2025-11-20",0.88271,{"date":182,"score":132,"percentile":183},"2025-11-21",0.75028,{"date":185,"score":132,"percentile":186},"2025-11-22",0.75023,{"date":188,"score":132,"percentile":189},"2025-11-23",0.7501,{"date":191,"score":132,"percentile":142},"2025-11-24",{"date":193,"score":132,"percentile":194},"2025-11-25",0.75008,{"date":196,"score":132,"percentile":197},"2025-11-26",0.75015,{"date":199,"score":132,"percentile":159},"2025-11-27",{"date":201,"score":132,"percentile":202},"2025-11-28",0.75003,{"date":204,"score":132,"percentile":205},"2025-11-29",0.75002,{"date":207,"score":132,"percentile":208},"2025-11-30",0.75001,{"date":210,"score":211,"percentile":212},"2025-12-01",0.00433,0.62041,{"date":214,"score":211,"percentile":215},"2025-12-02",0.62059,{"date":217,"score":211,"percentile":218},"2025-12-03",0.62061,{"date":220,"score":132,"percentile":221},"2025-12-04",0.74995,{"date":223,"score":132,"percentile":142},"2025-12-05",{"date":225,"score":132,"percentile":194},"2025-12-06",{"date":227,"score":132,"percentile":228},"2025-12-07",0.75005,{"date":230,"score":132,"percentile":156},"2025-12-08",{"date":232,"score":132,"percentile":233},"2025-12-09",0.75041,{"date":235,"score":132,"percentile":236},"2025-12-10",0.75065,{"date":238,"score":132,"percentile":239},"2025-12-11",0.75081,{"date":241,"score":132,"percentile":242},"2025-12-12",0.75104,{"date":244,"score":132,"percentile":245},"2025-12-13",0.75107,{"date":247,"score":132,"percentile":248},"2025-12-14",0.75102,{"date":250,"score":132,"percentile":251},"2025-12-15",0.75106,{"date":253,"score":132,"percentile":254},"2025-12-16",0.75117,{"date":256,"score":132,"percentile":257},"2025-12-17",0.75128,{"date":259,"score":132,"percentile":260},"2025-12-18",0.75151,{"date":262,"score":132,"percentile":263},"2025-12-19",0.75168,{"date":265,"score":132,"percentile":266},"2025-12-20",0.75163,{"date":268,"score":132,"percentile":269},"2025-12-21",0.75158,{"date":271,"score":132,"percentile":272},"2025-12-22",0.75157,{"date":274,"score":132,"percentile":275},"2025-12-23",0.75154,{"date":277,"score":132,"percentile":278},"2025-12-24",0.75162,{"date":280,"score":132,"percentile":281},"2025-12-25",0.75187,{"date":283,"score":132,"percentile":284},"2025-12-26",0.75183,{"date":286,"score":287,"percentile":288},"2025-12-27",0.01174,0.78272,{"date":290,"score":132,"percentile":291},"2025-12-28",0.75165,{"date":293,"score":132,"percentile":291},"2025-12-29",{"date":295,"score":132,"percentile":296},"2025-12-30",0.75178,{"date":298,"score":132,"percentile":299},"2025-12-31",0.75199,{"date":301,"score":211,"percentile":302},"2026-01-01",0.62331,{"date":304,"score":211,"percentile":305},"2026-01-02",0.62317,{"date":307,"score":211,"percentile":308},"2026-01-03",0.62314,{"date":310,"score":132,"percentile":311},"2026-01-04",0.75209,{"date":313,"score":132,"percentile":314},"2026-01-05",0.75202,{"date":316,"score":132,"percentile":317},"2026-01-06",0.75219,{"date":319,"score":132,"percentile":320},"2026-01-07",0.75228,{"date":322,"score":132,"percentile":323},"2026-01-08",0.75241,{"date":325,"score":132,"percentile":326},"2026-01-09",0.75246,{"date":328,"score":132,"percentile":329},"2026-01-10",0.75248,{"date":331,"score":132,"percentile":332},"2026-01-11",0.75236,{"date":334,"score":132,"percentile":335},"2026-01-12",0.75222,{"date":337,"score":132,"percentile":335},"2026-01-13",{"date":339,"score":132,"percentile":340},"2026-01-14",0.75249,{"date":342,"score":132,"percentile":343},"2026-01-15",0.75256,{"date":345,"score":132,"percentile":346},"2026-01-16",0.75268,{"date":348,"score":132,"percentile":349},"2026-01-17",0.75269,{"date":351,"score":132,"percentile":352},"2026-01-18",0.75259,{"date":354,"score":132,"percentile":355},"2026-01-19",0.75254,{"date":357,"score":132,"percentile":358},"2026-01-20",0.75257,{"date":360,"score":132,"percentile":361},"2026-01-21",0.75261,{"date":363,"score":132,"percentile":364},"2026-01-22",0.75265,{"date":366,"score":132,"percentile":367},"2026-01-23",0.7529,{"date":369,"score":132,"percentile":370},"2026-01-24",0.75295,{"date":372,"score":132,"percentile":373},"2026-01-25",0.75282,{"date":375,"score":132,"percentile":376},"2026-01-26",0.75281,{"date":378,"score":132,"percentile":379},"2026-01-27",0.75289,{"date":381,"score":132,"percentile":382},"2026-01-28",0.75298,{"date":384,"score":132,"percentile":370},"2026-01-29",{"date":386,"score":132,"percentile":382},"2026-01-30",{"date":388,"score":132,"percentile":389},"2026-01-31",0.753,{"date":391,"score":211,"percentile":392},"2026-02-01",0.62335,[394],{"source":90,"cvss_v2_0":395,"cvss_v3_0":9,"cvss_v3_1":400,"cvss_v4_0":9},{"baseScore":396,"baseSeverity":9,"vectorString":397,"impactScore":398,"exploitabilityScore":399},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":88,"baseSeverity":401,"vectorString":91,"impactScore":88,"exploitabilityScore":399},"CRITICAL",[403,413],{"ecosystem":9,"name":404,"vendor":405,"product":404,"cpe_part":406,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":407},"fedora","fedoraproject","o",[408,411],{"version":409,"is_range":32,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"34","cpe",{"version":412,"is_range":32,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"35",{"ecosystem":9,"name":414,"vendor":415,"product":414,"cpe_part":416,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":417},"cgi","ruby-lang","a",[418,423,427],{"version":419,"is_range":420,"range_type":410,"version_start":9,"version_start_type":9,"version_end":421,"version_end_type":422,"fixed_in":9},"lt0.3.1",true,"0.3.1","excluding",{"version":424,"is_range":420,"range_type":410,"version_start":9,"version_start_type":9,"version_end":425,"version_end_type":426,"fixed_in":9},"lte0.2.0","0.2.0","including",{"version":428,"is_range":420,"range_type":410,"version_start":9,"version_start_type":9,"version_end":429,"version_end_type":426,"fixed_in":9},"lte0.1.0","0.1.0"]