Описание
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | |
| cosmic | ignored | end of life |
| devel | not-affected | |
| disco | ignored | end of life |
| esm-apps/bionic | not-affected | |
| esm-apps/focal | not-affected | |
| esm-apps/noble | not-affected | |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1.9.3.194-1]] |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hardy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | not-affected | 3.2.5-2 |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hardy | DNE |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
Связанные уязвимости
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
RubyGems before 1.8.23 does not verify an SSL certificate, which allow ...
4.3 Medium
CVSS2