CVE-2012-2125

Опубликовано: 01 окт. 2013

Источник: debian

Описание

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
rubygems	fixed	1.8.24-1		package

Связанные уязвимости

CVE-2012-2125

ubuntu

больше 12 лет назад

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.

CVE-2012-2125

redhat

почти 14 лет назад

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.

CVE-2012-2125

nvd

больше 12 лет назад

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.

GHSA-228f-g3h7-3fj3

github

больше 3 лет назад

RubyGems HTTPS to HTTP redirect

ELSA-2013-1441

oracle-oval

больше 12 лет назад

ELSA-2013-1441: rubygems security update (MODERATE)