Sha256: 7688b2dd8f97f4b7e7f67193bcfce1d0719665329fdec180d6aac58175ddb495

Contents?: true

Size: 668 Bytes

Versions: 3

Compression:

Stored size: 668 Bytes

Contents

---
gem: rbovirt
cve: 2014-0036
osvdb: 104080
url: http://osvdb.org/show/osvdb/104080
title: rbovirt Gem for Ruby contains a flaw
date: 2014-03-05

description: |
  rbovirt Gem for Ruby contains a flaw related to certificate validation.
  The issue is due to the program failing to validate SSL certificates. This may
  allow an attacker with access to network traffic (e.g. MiTM, DNS cache
  poisoning) to spoof the SSL server via an arbitrary certificate that appears
  valid. Such an attack would allow for the interception of sensitive traffic,
  and potentially allow for the injection of content into the SSL stream.

cvss_v2:

patched_versions:
  - '>= 0.0.24'

Version data entries

3 entries across 3 versions & 2 rubygems

Version Path
bundler-audit-0.4.0 data/ruby-advisory-db/gems/rbovirt/OSVDB-104080.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/rbovirt/OSVDB-104080.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/rbovirt/OSVDB-104080.yml