Количество 16
Количество 16
ELSA-2013-1441
ELSA-2013-1441: rubygems security update (MODERATE)
CVE-2012-2126
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
CVE-2012-2126
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
CVE-2012-2126
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
CVE-2012-2126
RubyGems before 1.8.23 does not verify an SSL certificate, which allow ...
GHSA-5mgj-mvv8-46mw
RubyGems does not verify SSL certificate
CVE-2013-4287
Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.
CVE-2013-4287
Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.
CVE-2013-4287
Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.
CVE-2013-4287
Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN ...
CVE-2012-2125
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.
CVE-2012-2125
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.
CVE-2012-2125
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.
CVE-2012-2125
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which m ...
GHSA-9j7m-rjqx-48vh
RubyGems Regular Expression Denial of Service vulnerability
GHSA-228f-g3h7-3fj3
RubyGems HTTPS to HTTP redirect
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2013-1441 ELSA-2013-1441: rubygems security update (MODERATE) | больше 11 лет назад | ||
 | CVE-2012-2126 RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack. | CVSS2: 4.3 | 0% Низкий | больше 11 лет назад |
 | CVE-2012-2126 RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack. | CVSS2: 4 | 0% Низкий | около 13 лет назад |
 | CVE-2012-2126 RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack. | CVSS2: 4.3 | 0% Низкий | больше 11 лет назад |
| CVE-2012-2126 RubyGems before 1.8.23 does not verify an SSL certificate, which allow ... | CVSS2: 4.3 | 0% Низкий | больше 11 лет назад |
| GHSA-5mgj-mvv8-46mw RubyGems does not verify SSL certificate | 0% Низкий | около 3 лет назад | |
| CVE-2013-4287 Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. | CVSS2: 4.3 | 2% Низкий | больше 11 лет назад |
| CVE-2013-4287 Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. | CVSS2: 2.6 | 2% Низкий | почти 12 лет назад |
| CVE-2013-4287 Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. | CVSS2: 4.3 | 2% Низкий | больше 11 лет назад |
| CVE-2013-4287 Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN ... | CVSS2: 4.3 | 2% Низкий | больше 11 лет назад |
| CVE-2012-2125 RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack. | CVSS2: 5.8 | 1% Низкий | больше 11 лет назад |
| CVE-2012-2125 RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack. | CVSS2: 4 | 1% Низкий | около 13 лет назад |
| CVE-2012-2125 RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack. | CVSS2: 5.8 | 1% Низкий | больше 11 лет назад |
| CVE-2012-2125 RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which m ... | CVSS2: 5.8 | 1% Низкий | больше 11 лет назад |
| GHSA-9j7m-rjqx-48vh RubyGems Regular Expression Denial of Service vulnerability | 2% Низкий | около 3 лет назад | |
| GHSA-228f-g3h7-3fj3 RubyGems HTTPS to HTTP redirect | 1% Низкий | около 3 лет назад |
Уязвимостей на страницу