CVE-2015-1855: Ruby’s OpenSSL extension weak security

ID CVE-2015-1855
Type cve
Reporter NVD
Modified 2015-04-13T00:00:00


Ruby’s OpenSSL extension could provide weaker than expected security, caused by the violation of RFC 6125 by the hostname matching implementation. An attacker could exploit this vulnerability to launch further attacks on the system.