CVE-2012-2125 in RubyGemsinfo

Zusammenfassung (Englisch)

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservieren

04.04.2012

Veröffentlichung

01.10.2013

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

Quellen

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!