Sha256: aa2c48733e23b8bbc6c050d3f06733847da95e6866e088c6e9a0d5f2d258f744
Contents?: true
Size: 482 Bytes
Versions: 2
Compression:
Stored size: 482 Bytes
Contents
--- library: rubygems cve: 2017-0902 url: http://blog.rubygems.org/2017/08/27/2.6.13-released.html title: RubyGems DNS request hijacking vulnerability date: 2017-08-29 description: | RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to down load and install gems from a server that the attacker controls. cvss_v2: 6.8 patched_versions: - ">= 2.4.5.3" - ">= 2.5.2.1" - ">= 2.6.13"
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-budit-0.6.2 | data/ruby-advisory-db/libraries/rubygems/CVE-2017-0902.yml |
| bundler-budit-0.6.1 | data/ruby-advisory-db/libraries/rubygems/CVE-2017-0902.yml |