Количество 9
Количество 9
CVE-2015-1855
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
CVE-2015-1855
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
CVE-2015-1855
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
CVE-2015-1855
verify_certificate_identity in the OpenSSL extension in Ruby before 2. ...
GHSA-4x8v-74xf-h4g3
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
BDU:2015-09978
Уязвимость интерпретатора Ruby, позволяющая нарушителю подменить SSL-сервер
SUSE-SU-2017:0948-1
Security update for ruby
openSUSE-SU-2017:1128-1
Security update for ruby2.1
SUSE-SU-2017:1067-1
Security update for ruby2.1
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-1855 verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters. | CVSS3: 5.9 | 3% Низкий | около 6 лет назад |
 | CVE-2015-1855 verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters. | CVSS2: 4 | 3% Низкий | почти 11 лет назад |
 | CVE-2015-1855 verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters. | CVSS3: 5.9 | 3% Низкий | около 6 лет назад |
| CVE-2015-1855 verify_certificate_identity in the OpenSSL extension in Ruby before 2. ... | CVSS3: 5.9 | 3% Низкий | около 6 лет назад |
| GHSA-4x8v-74xf-h4g3 verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters. | 3% Низкий | больше 3 лет назад | |
 | BDU:2015-09978 Уязвимость интерпретатора Ruby, позволяющая нарушителю подменить SSL-сервер | CVSS2: 4.3 | 3% Низкий | почти 11 лет назад |
 | SUSE-SU-2017:0948-1 Security update for ruby | почти 9 лет назад | ||
| openSUSE-SU-2017:1128-1 Security update for ruby2.1 | почти 9 лет назад | ||
| SUSE-SU-2017:1067-1 Security update for ruby2.1 | почти 9 лет назад |
Уязвимостей на страницу