Download
| Alert*
|
oval:org.secpod.oval:def:701015
rubygems: package management framework for Ruby libraries/applications RubyGems could be made to download and install malicious gem files. oval:org.secpod.oval:def:1600320 Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service vi ... oval:org.secpod.oval:def:106008 RubyGems is the Ruby standard for publishing and managing third party libraries. oval:org.secpod.oval:def:1600287 Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service via a crafte ... oval:org.secpod.oval:def:105924 RubyGems is the Ruby standard for publishing and managing third party libraries. oval:org.secpod.oval:def:1500268 An updated rubygems package that fixes three security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ... oval:org.secpod.oval:def:202952 RubyGems is the Ruby standard for publishing and managing third-party libraries. It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks. It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to ... |
