CVE-2012-2126

Опубликовано: 01 окт. 2013

Источник: debian

EPSS Низкий

Описание

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
rubygems	fixed	1.8.24-1		package

EPSS

Процентиль: 50%

0.00272

Низкий

Связанные уязвимости

CVE-2012-2126

ubuntu

около 12 лет назад

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.

CVE-2012-2126

redhat

больше 13 лет назад

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.

CVE-2012-2126

nvd

около 12 лет назад

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.

GHSA-5mgj-mvv8-46mw

github

больше 3 лет назад

RubyGems does not verify SSL certificate

ELSA-2013-1441

oracle-oval

около 12 лет назад

ELSA-2013-1441: rubygems security update (MODERATE)

EPSS

Процентиль: 50%

0.00272

Низкий