GHSA-6mq2-37j5-w6r6 · Severity: medium · Ecosystem: rubygems — WEBrick Improper Input Validation vulnerability
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
Conclusion & alert: CVE-2009-4492 is rated High Exploit Risk (73.8/100): CVSS High severity, with high exploitation likelihood (EPSS 15.97%, 96th percentile). Core evidence: 4 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| 33489 | exploit_db | edb | 2010-01-11 | Exploit-DB ↗ |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 21.10% | 15.97% | -5.13% |
| 2 | 2026-06-04 | 18.18% | 21.10% | +2.92% |
| 3 | 2026-06-03 | — | 18.18% | — |
Full EPSS history (33 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.5 | 2.0 | HIGH |
|
10.0 | 6.4 | [email protected] |
GHSA-6mq2-37j5-w6r6 · Severity: medium · Ecosystem: rubygems — WEBrick Improper Input Validation vulnerability
| vendor | priority | summary | link |
|---|---|---|---|
gentoo
|
normal | CVE-2009-4492: 1 GLSA(s) (201001-09), 1 atom(s) (dev-lang/ruby); latest impact normal. | https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2009-4492 |
redhat
|
low | — | https://access.redhat.com/security/cve/CVE-2009-4492 |
ubuntu
|
negligible | CVE-2009-4492 negligible priority: Ubuntu including 3 source packages (ruby1.8, ruby1.9, ruby1.9.1), 30 status rows across 10 suites (dapper, hardy, intrepid, jaunty, karmic, lucid, maverick, natty, oneiric, upstream): ignored 8, not-affected 8, DNE 7, released 6, needs-triage 1. | https://ubuntu.com/security/CVE-2009-4492 |
Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4492 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
| URL | Tags |
|---|---|
| http://secunia.com/advisories/37949 | Not Applicable Vendor Advisory |
| http://securitytracker.com/id?1023429 | Broken Link Exploit Third Party Advisory VDB Entry |
| http://www.redhat.com/support/errata/RHSA-2011-0908.html | Third Party Advisory |
| http://www.redhat.com/support/errata/RHSA-2011-0909.html | Third Party Advisory |
| http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection | Patch Vendor Advisory |
| http://www.securityfocus.com/archive/1/508830/100/0/threaded | Broken Link Third Party Advisory VDB Entry |
| http://www.securityfocus.com/bid/37710 | Broken Link Exploit Third Party Advisory VDB Entry |
| http://www.ush.it/team/ush/hack_httpd_escape/adv.txt | Broken Link Exploit |
| http://www.vupen.com/english/advisories/2010/0089 | Permissions Required |