| Max CVSS | 5.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-4287 | 4.3 |
Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote at
|
22-04-2019 - 17:48 | 17-10-2013 - 23:55 | |
| CVE-2012-2126 | 4.3 |
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
|
14-01-2014 - 04:17 | 01-10-2013 - 17:55 | |
| CVE-2012-2125 | 5.8 |
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.
|
14-01-2014 - 04:17 | 01-10-2013 - 17:55 |