| Max CVSS | 5.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-2126 | 4.3 |
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
|
14-01-2014 - 04:17 | 01-10-2013 - 17:55 | |
| CVE-2012-2125 | 5.8 |
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack.
|
14-01-2014 - 04:17 | 01-10-2013 - 17:55 |