Sha256: 1a11686ce5fe282d7c02afb93769e7456098a3e8962a8a54ae6e2928ca82ef1e
Contents?: true
Size: 523 Bytes
Versions: 1
Compression:
Stored size: 523 Bytes
Contents
--- gem: rubygems-update library: rubygems cve: 2012-2125 osvdb: 85809 url: https://nvd.nist.gov/vuln/detail/CVE-2012-2125 title: | RubyGems HTTPS to HTTP Redirection MitM Downloaded Installation File Manipulation date: 2012-09-25 description: | RubyGems contains a flaw that is triggered by the gem fetcher allowing for redirection of HTTPS to HTTP. This may allow a remote attacker to conduct a man-in-the-middle attack to alter downloaded gem installation files. cvss_v2: 5.8 patched_versions: - ">= 1.8.23"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/rubygems-update/CVE-2012-2125.yml |