CVE-2012-2125

Опубликовано: 01 окт. 2013

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 5.8

Описание

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected
devel	not-affected
esm-apps/bionic	not-affected
esm-apps/focal	not-affected
esm-apps/noble	not-affected
esm-apps/xenial	not-affected
esm-infra-legacy/trusty	needed
focal	not-affected
groovy	not-affected

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [1.9.3.194-1]]
esm-infra/focal	DNE
focal	DNE
groovy	DNE
hardy	DNE

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
cosmic	DNE
devel	not-affected	3.2.5-2
disco	DNE
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
focal	DNE
groovy	DNE
hardy	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 69%

0.00638

Низкий

5.8 Medium

CVSS2

Связанные уязвимости

CVE-2012-2125

redhat

около 13 лет назад

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.

CVE-2012-2125

nvd

больше 11 лет назад

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.

CVE-2012-2125

debian

больше 11 лет назад

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which m ...

GHSA-228f-g3h7-3fj3

github

около 3 лет назад

RubyGems HTTPS to HTTP redirect

ELSA-2013-1441

oracle-oval

больше 11 лет назад

ELSA-2013-1441: rubygems security update (MODERATE)

EPSS

Процентиль: 69%

0.00638

Низкий

5.8 Medium

CVSS2

CVE-2012-2125

Описание

Пакет jruby

Пакет ruby1.9.1

Пакет rubygems

Ссылки на источники

Связанные уязвимости