cvelistv5 - cve-2015-3900

cve-2015-3900

Vulnerability from cvelistv5

Published

2015-06-24 14:00

Modified

2024-08-06 05:56

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html	Patch, Vendor Advisory
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2015-1657.html	Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2015/06/26/2	Third Party Advisory
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/75482
cve@mitre.org	https://puppet.com/security/cve/CVE-2015-3900
cve@mitre.org	https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356	Third Party Advisory
cve@mitre.org	https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-1657.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/06/26/2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/75482
af854a3a-2127-422b-91ae-364da2661108	https://puppet.com/security/cve/CVE-2015-3900
af854a3a-2127-422b-91ae-364da2661108	https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/	Third Party Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:56:16.332Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:1657",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1657.html"
          },
          {
            "name": "FEDORA-2015-12501",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html"
          },
          {
            "name": "FEDORA-2015-12574",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html"
          },
          {
            "name": "[oss-security] 20150626 rubygems \u003c2.4.8 vulnerable to DNS request hijacking (CVE-2015-3900 and CVE-2015-4020)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/06/26/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/"
          },
          {
            "name": "75482",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75482"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://puppet.com/security/cve/CVE-2015-3900"
          },
          {
            "name": "FEDORA-2015-13157",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \"DNS hijack attack.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-08T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2015:1657",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1657.html"
        },
        {
          "name": "FEDORA-2015-12501",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html"
        },
        {
          "name": "FEDORA-2015-12574",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html"
        },
        {
          "name": "[oss-security] 20150626 rubygems \u003c2.4.8 vulnerable to DNS request hijacking (CVE-2015-3900 and CVE-2015-4020)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/06/26/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/"
        },
        {
          "name": "75482",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75482"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://puppet.com/security/cve/CVE-2015-3900"
        },
        {
          "name": "FEDORA-2015-13157",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3900",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \"DNS hijack attack.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2015:1657",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1657.html"
            },
            {
              "name": "FEDORA-2015-12501",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html"
            },
            {
              "name": "FEDORA-2015-12574",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html"
            },
            {
              "name": "[oss-security] 20150626 rubygems \u003c2.4.8 vulnerable to DNS request hijacking (CVE-2015-3900 and CVE-2015-4020)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/06/26/2"
            },
            {
              "name": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/",
              "refsource": "MISC",
              "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/"
            },
            {
              "name": "75482",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75482"
            },
            {
              "name": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356",
              "refsource": "MISC",
              "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356"
            },
            {
              "name": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html",
              "refsource": "CONFIRM",
              "url": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html"
            },
            {
              "name": "https://puppet.com/security/cve/CVE-2015-3900",
              "refsource": "CONFIRM",
              "url": "https://puppet.com/security/cve/CVE-2015-3900"
            },
            {
              "name": "FEDORA-2015-13157",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3900",
    "datePublished": "2015-06-24T14:00:00",
    "dateReserved": "2015-05-12T00:00:00",
    "dateUpdated": "2024-08-06T05:56:16.332Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-3900\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-06-24T14:59:01.190\",\"lastModified\":\"2024-11-21T02:30:03.087\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \\\"DNS hijack attack.\\\"\"},{\"lang\":\"es\",\"value\":\"RubyGems 2.0.x en versiones anteriores a 2.0.16, 2.2.x en versiones anteriores a 2.2.4 y 2.4.x en versiones anteriores a 2.4.7 no valida el nombre de host al recuperar gemas o hacer solicitudes de API, lo que permite a atacantes remotos redireccionar peticiones a dominios arbitrarios a trav\u00e9s del registro DNS SRV manipulado, tambi\u00e9n conocido como un \\\"ataque de secuestro de DNS\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-254\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9237145-35F8-4E05-B730-77C0F386E5B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C78BB1D8-0505-484D-B824-1AA219F8B247\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5178D04D-1C29-4353-8987-559AA07443EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0535DC9-EB0E-4745-80AC-4A020DF26E38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B03B7561-A854-4EFA-9E4E-CFC4EEAE4EE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"77020036-DC99-461B-9A36-E8C0BE44E6B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DF046E4-503B-4A10-BEAB-3144BD86EA49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FCA45F1-3038-413A-B8C3-EE366A4E6248\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF6AF5E3-4EB8-48A3-B8E9-C79C08C38994\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AE2B154-8126-4A38-BAB6-915207764FC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:2.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"808FA8BE-71FC-4ADD-BDEA-637E8DF4E899\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8F103B7-0E70-4490-9802-2CD6034E240B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2D82506-3FB5-41BA-8704-CC324C0B0DB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"260A155C-ED09-44E7-8279-5B94A4AC8CA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4E0506F-F2E6-45A2-B637-576C341A71B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2EC4513-B653-438A-A1E4-406D055FC160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5FDF363-24FA-45D2-879B-B1CF9B667AE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03A81F55-2B6B-467C-9281-AA11ED31220F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8143D88-890D-4C87-9120-46B33D7D63C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E5608F5-AC8A-4368-9323-A2CC09F18AAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ACEEB4D-D21D-4D89-881A-9FC33121F69C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE3D1495-E577-492F-ADE1-B8E8FB7F241A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCD623FF-E72B-4C63-B9E6-AFCDEFDD760A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAA1E4C2-29CA-48C2-AFFA-5357B36655FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB358B7A-D258-4B86-BBD9-09388109653A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C608597-03F7-4F01-803F-0E2B1E9E1D30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67C95ABA-1949-4B56-B9E3-44B4AF90274D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD319AE0-3D8C-40DF-857D-C38EAFA88C68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"672CC7FA-188C-4F34-B10D-7E0C4E7857F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFCFF897-E65B-4D58-BA4D-B08FEF1201B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B6D0730-F774-4E29-9871-3FF4BA89981E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D692C10-A24E-48EA-887C-7333C772744C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AFD153C-B0C3-4A91-8B09-839341FA4434\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04D0BF47-C818-4834-BFA2-23DD25386CCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F54C49A-12CE-4AC5-A94A-9C5921414AC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CFF3F39-EF40-4D73-965F-98A51C39C02F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35BCB8FC-EE9C-4AA4-A4A0-E20A3E557129\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5B90365-2172-43E3-870B-A16F9FB45FD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubygems:rubygems:2.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4932202-9EEA-4B95-A24A-637678837179\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79A602C5-61FE-47BA-9786-F045B6C6DBA8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]}],\"references\":[{\"url\":\"http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1657.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/06/26/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/75482\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://puppet.com/security/cve/CVE-2015-3900\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1657.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/06/26/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/75482\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://puppet.com/security/cve/CVE-2015-3900\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack." A flaw was found in a way rubygems verified the API endpoint hostname retrieved through a DNS SRV record. A man-in-the-middle attacker could use this flaw to force a client to download content from an untrusted domain.

Aliases

CVE-2015-3900

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-3900",
    "description": "RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \"DNS hijack attack.\"",
    "id": "GSD-2015-3900",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-3900.html",
      "https://access.redhat.com/errata/RHSA-2015:1657",
      "https://advisories.mageia.org/CVE-2015-3900.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2015-3900.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "affected": [
        {
          "package": {
            "ecosystem": "RubyGems",
            "name": "rubygems-update",
            "purl": "pkg:gem/rubygems-update"
          }
        }
      ],
      "aliases": [
        "CVE-2015-3900",
        "OSVDB-122162",
        "GHSA-wp3j-rvfp-624h"
      ],
      "details": "RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \"DNS hijack attack.\" A flaw was found in a way rubygems verified the API endpoint hostname retrieved through a DNS SRV record. A man-in-the-middle attacker could use this flaw to force a client to download content from an untrusted domain.",
      "id": "GSD-2015-3900",
      "modified": "2015-05-14T00:00:00.000Z",
      "published": "2015-05-14T00:00:00.000Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356"
        }
      ],
      "schema_version": "1.4.0",
      "severity": [
        {
          "score": 5.0,
          "type": "CVSS_V2"
        }
      ],
      "summary": "CVE-2015-3900 rubygems: DNS hijacking vulnerability in api_endpoint()"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2015-3900",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \"DNS hijack attack.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2015:1657",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1657.html"
          },
          {
            "name": "FEDORA-2015-12501",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html"
          },
          {
            "name": "FEDORA-2015-12574",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html"
          },
          {
            "name": "[oss-security] 20150626 rubygems \u003c2.4.8 vulnerable to DNS request hijacking (CVE-2015-3900 and CVE-2015-4020)",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/06/26/2"
          },
          {
            "name": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/",
            "refsource": "MISC",
            "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/"
          },
          {
            "name": "75482",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/75482"
          },
          {
            "name": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356",
            "refsource": "MISC",
            "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356"
          },
          {
            "name": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html",
            "refsource": "CONFIRM",
            "url": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html"
          },
          {
            "name": "https://puppet.com/security/cve/CVE-2015-3900",
            "refsource": "CONFIRM",
            "url": "https://puppet.com/security/cve/CVE-2015-3900"
          },
          {
            "name": "FEDORA-2015-13157",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
          }
        ]
      }
    },
    "github.com/rubysec/ruby-advisory-db": {
      "cve": "2015-3900",
      "cvss_v2": 5.0,
      "date": "2015-05-14",
      "description": "RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \"DNS hijack attack.\" A flaw was found in a way rubygems verified the API endpoint hostname retrieved through a DNS SRV record. A man-in-the-middle attacker could use this flaw to force a client to download content from an untrusted domain.",
      "gem": "rubygems-update",
      "ghsa": "wp3j-rvfp-624h",
      "library": "rubygems",
      "osvdb": 122162,
      "patched_versions": [
        "~\u003e 2.0.16",
        "~\u003e 2.2.4",
        "\u003e= 2.4.7"
      ],
      "title": "CVE-2015-3900 rubygems: DNS hijacking vulnerability in api_endpoint()",
      "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356"
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c2.4.7",
          "affected_versions": "All versions before 2.4.7",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2019-04-22",
          "description": "RubyGems does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \"DNS hijack attack.\"",
          "fixed_versions": [
            "2.4.7"
          ],
          "identifier": "CVE-2015-3900",
          "identifiers": [
            "CVE-2015-3900"
          ],
          "not_impacted": "All versions starting from 2.4.7",
          "package_slug": "gem/rubygems-update",
          "pubdate": "2015-06-24",
          "solution": "Upgrade to version 2.4.7 or above.",
          "title": "7PK - Security Features",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2015-3900",
            "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html",
            "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356",
            "http://rhn.redhat.com/errata/RHSA-2015-1657.html",
            "http://www.openwall.com/lists/oss-security/2015/06/26/2",
            "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/",
            "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
            "http://www.securityfocus.com/bid/75482",
            "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html",
            "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html",
            "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html",
            "https://puppet.com/security/cve/CVE-2015-3900"
          ],
          "uuid": "f1adfd90-f895-4da7-9f94-3cfd502e165c"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:2.1:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:2.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubygems:rubygems:2.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3900"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \"DNS hijack attack.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-254"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html"
            },
            {
              "name": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356"
            },
            {
              "name": "RHSA-2015:1657",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1657.html"
            },
            {
              "name": "[oss-security] 20150626 rubygems \u003c2.4.8 vulnerable to DNS request hijacking (CVE-2015-3900 and CVE-2015-4020)",
              "refsource": "MLIST",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/06/26/2"
            },
            {
              "name": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
            },
            {
              "name": "75482",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/75482"
            },
            {
              "name": "FEDORA-2015-13157",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html"
            },
            {
              "name": "FEDORA-2015-12574",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html"
            },
            {
              "name": "FEDORA-2015-12501",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html"
            },
            {
              "name": "https://puppet.com/security/cve/CVE-2015-3900",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://puppet.com/security/cve/CVE-2015-3900"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-04-22T17:48Z",
      "publishedDate": "2015-06-24T14:59Z"
    }
  }
}

rhsa-2015_1657

Vulnerability from csaf_redhat

Published

2015-08-24 14:16

Modified

2024-11-14 15:28

Summary

Red Hat Security Advisory: rh-ruby22-ruby security update

Notes

Topic

Updated rh-ruby22-ruby packages that fix one security issue are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Details

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A flaw was found in a way rubygems verified the API endpoint hostname retrieved through a DNS SRV record. A man-in-the-middle attacker could use this flaw to force a client to download content from an untrusted domain. (CVE-2015-3900) All rh-ruby22-ruby users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of Ruby need to be restarted for this update to take effect.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated rh-ruby22-ruby packages that fix one security issue are now\navailable for Red Hat Software Collections 2.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Ruby is an extensible, interpreted, object-oriented, scripting language.\nIt has features to process text files and to perform system management\ntasks.\n\nA flaw was found in a way rubygems verified the API endpoint hostname\nretrieved through a DNS SRV record. A man-in-the-middle attacker could use\nthis flaw to force a client to download content from an untrusted domain.\n(CVE-2015-3900)\n\nAll rh-ruby22-ruby users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. All running\ninstances of Ruby need to be restarted for this update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1657",
        "url": "https://access.redhat.com/errata/RHSA-2015:1657"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1236116",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236116"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1657.json"
      }
    ],
    "title": "Red Hat Security Advisory: rh-ruby22-ruby security update",
    "tracking": {
      "current_release_date": "2024-11-14T15:28:18+00:00",
      "generator": {
        "date": "2024-11-14T15:28:18+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.0"
        }
      },
      "id": "RHSA-2015:1657",
      "initial_release_date": "2015-08-24T14:16:27+00:00",
      "revision_history": [
        {
          "date": "2015-08-24T14:16:27+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-08-24T14:16:27+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-14T15:28:18+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
                  "product_id": "7Server-RHSCL-2.0-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-RHSCL-2.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-RHSCL-2.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
                  "product_id": "6Server-RHSCL-2.0-6.6.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server-RHSCL-2.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-RHSCL-2.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
                  "product_id": "6Server-RHSCL-2.0-6.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Software Collections"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
                  "product_id": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-tcltk@2.2.2-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
                  "product_id": "rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygems@2.4.5-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
                  "product_id": "rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-json@1.8.1-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
                  "product_id": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-io-console@0.4.3-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
                  "product_id": "rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-psych@2.0.8-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
                  "product_id": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-debuginfo@2.2.2-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
                  "product_id": "rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-libs@2.2.2-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
                  "product_id": "rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-devel@2.2.2-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
                  "product_id": "rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby@2.2.2-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
                  "product_id": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-bigdecimal@1.2.6-12.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
                  "product_id": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-psych@2.0.8-12.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
                  "product_id": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-json@1.8.1-12.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
                  "product_id": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-devel@2.2.2-12.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
                  "product_id": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-bigdecimal@1.2.6-12.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
                  "product_id": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby@2.2.2-12.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
                  "product_id": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-debuginfo@2.2.2-12.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
                  "product_id": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-tcltk@2.2.2-12.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
                  "product_id": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-io-console@0.4.3-12.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
                  "product_id": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-libs@2.2.2-12.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
                "product": {
                  "name": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
                  "product_id": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygems@2.4.5-12.el6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
                  "product_id": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-power_assert@0.2.2-12.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
                "product": {
                  "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
                  "product_id": "rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-doc@2.2.2-12.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
                  "product_id": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-rdoc@4.2.0-12.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
                "product": {
                  "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
                  "product_id": "rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-irb@2.2.2-12.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
                "product": {
                  "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
                  "product_id": "rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygems-devel@2.4.5-12.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
                  "product_id": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-test-unit@3.0.8-12.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
                  "product_id": "rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-rake@10.4.2-12.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
                  "product_id": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-minitest@5.4.3-12.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
                  "product_id": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-rake@10.4.2-12.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
                  "product_id": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-test-unit@3.0.8-12.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
                  "product_id": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-rdoc@4.2.0-12.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
                "product": {
                  "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
                  "product_id": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygems-devel@2.4.5-12.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
                  "product_id": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-minitest@5.4.3-12.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
                "product": {
                  "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
                  "product_id": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-irb@2.2.2-12.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
                "product": {
                  "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
                  "product_id": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby-doc@2.2.2-12.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
                "product": {
                  "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
                  "product_id": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-rubygem-power_assert@0.2.2-12.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-0:2.2.2-12.el7.src",
                "product": {
                  "name": "rh-ruby22-ruby-0:2.2.2-12.el7.src",
                  "product_id": "rh-ruby22-ruby-0:2.2.2-12.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby@2.2.2-12.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby22-ruby-0:2.2.2-12.el6.src",
                "product": {
                  "name": "rh-ruby22-ruby-0:2.2.2-12.el6.src",
                  "product_id": "rh-ruby22-ruby-0:2.2.2-12.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby22-ruby@2.2.2-12.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-0:2.2.2-12.el6.src"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el6.src",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-0:2.2.2-12.el6.src"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el6.src",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.src"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el6.src",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.src"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el6.src",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64"
        },
        "product_reference": "rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch"
        },
        "product_reference": "rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-0:2.2.2-12.el7.src"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el7.src",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.src"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el7.src",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.src"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el7.src",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64"
        },
        "product_reference": "rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch"
        },
        "product_reference": "rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-3900",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "discovery_date": "2015-06-25T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1236116"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in a way rubygems verified the API endpoint hostname retrieved through a DNS SRV record. A man-in-the-middle attacker could use this flaw to force a client to download content from an untrusted domain.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "rubygems: DNS hijacking vulnerability in api_endpoint()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue did not affect the versions of rubygems as shipped with Red Hat Enterprise Linux 6, Red Hat Enterprise MRG 2.5, Red Hat Satellite 6, Red Hat Openstack 5, Red Hat Openshift Enterprise 2 as they did not include support for getting API endpoint using SRV DNS records.\n\nThis issue did not affect the versions of ruby as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for getting API endpoint using SRV DNS records. The issue did not affect version of ruby as shipped with Red Hat Enterprise Linux 7, as the support for getting API endpoint using SRV DNS records is included, but inactive.\n\nThis issue did not affect the versions of ruby193-ruby as shipped with Red Hat Subscription Asset Manager and Red Hat Software Collections as they did not include support for getting API endpoint using SRV DNS records.\n\nThe issue did not affect version of ruby200-ruby as shipped with Red Hat Software Collections, as the support for getting API endpoint using SRV DNS records is included, but inactive.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-0:2.2.2-12.el6.src",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-0:2.2.2-12.el6.src",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
          "6Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.src",
          "6Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
          "6Server-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
          "6Server-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
          "6Server-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
          "6Server-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
          "6Server-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
          "6Server-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
          "6Server-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
          "6Server-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
          "6Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.src",
          "6Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
          "6Workstation-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
          "6Workstation-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
          "6Workstation-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-0:2.2.2-12.el7.src",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
          "7Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.src",
          "7Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
          "7Server-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
          "7Server-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
          "7Server-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
          "7Server-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
          "7Server-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
          "7Server-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
          "7Server-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
          "7Server-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
          "7Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.src",
          "7Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
          "7Workstation-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
          "7Workstation-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
          "7Workstation-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3900"
        },
        {
          "category": "external",
          "summary": "RHBZ#1236116",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236116"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3900",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3900"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3900",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3900"
        },
        {
          "category": "external",
          "summary": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html",
          "url": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html"
        }
      ],
      "release_date": "2015-05-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-24T14:16:27+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-0:2.2.2-12.el6.src",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-0:2.2.2-12.el6.src",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.src",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.src",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-0:2.2.2-12.el7.src",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.src",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.src",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1657"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-0:2.2.2-12.el6.src",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-0:2.2.2-12.el6.src",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.src",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
            "6Server-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
            "6Server-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.src",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6.noarch",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el6.x86_64",
            "6Workstation-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el6.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-0:2.2.2-12.el7.src",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.src",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
            "7Server-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
            "7Server-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.src",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-devel-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-doc-0:2.2.2-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-irb-0:2.2.2-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-libs-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-ruby-tcltk-0:2.2.2-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-io-console-0:0.4.3-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-json-0:1.8.1-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-minitest-0:5.4.3-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-psych-0:2.0.8-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-rake-0:10.4.2-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7.noarch",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygems-0:2.4.5-12.el7.x86_64",
            "7Workstation-RHSCL-2.0:rh-ruby22-rubygems-devel-0:2.4.5-12.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "rubygems: DNS hijacking vulnerability in api_endpoint()"
    }
  ]
}

ghsa-wp3j-rvfp-624h

Vulnerability from github

Published

2022-05-14 01:08

Modified

2023-03-10 02:29

Summary

RubyGems vulnerable to DNS hijack attack

Details

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "rubygems-update"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.0.16"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "rubygems-update"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "rubygems-update"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2015-3900"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-350"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-03-10T02:29:09Z",
    "nvd_published_at": "2015-06-24T14:59:00Z",
    "severity": "HIGH"
  },
  "details": "RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a \"DNS hijack attack.\"",
  "id": "GHSA-wp3j-rvfp-624h",
  "modified": "2023-03-10T02:29:09Z",
  "published": "2022-05-14T01:08:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3900"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rubygems-update/CVE-2015-3900.yml"
    },
    {
      "type": "WEB",
      "url": "https://puppet.com/security/cve/CVE-2015-3900"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20170331091241/https://puppet.com/security/cve/CVE-2015-3900"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20200228055155/http://www.securityfocus.com/bid/75482"
    },
    {
      "type": "WEB",
      "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356"
    },
    {
      "type": "WEB",
      "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900"
    },
    {
      "type": "WEB",
      "url": "http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1657.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/06/26/2"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "RubyGems vulnerable to DNS hijack attack"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2015-3900

Vulnerability from cvelistv5

gsd-2015-3900

Vulnerability from gsd

rhsa-2015_1657

Vulnerability from csaf_redhat

ghsa-wp3j-rvfp-624h

Vulnerability from github

Tags

Sightings

Nomenclature