CVE-2015-4020

2015-08-2517:59:00

Debian Security Bug Tracker

security-tracker.debian.org

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.9%

JSON

RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a “DNS hijack attack.” NOTE: this vulnerability exists because to an incomplete fix for CVE-2015-3900.

OSVersionArchitecturePackageVersionFilename
Debian12alljruby< 9.3.9.0+ds-8jruby_9.3.9.0+ds-8_all.deb
Debian10alljruby< 9.1.17.0-3jruby_9.1.17.0-3_all.deb
Debian999alljruby< 9.4.6.0+ds-1.1jruby_9.4.6.0+ds-1.1_all.deb
Debian13alljruby< 9.4.6.0+ds-1.1jruby_9.4.6.0+ds-1.1_all.deb
Debian12allrubygems< 3.3.15-2rubygems_3.3.15-2_all.deb
Debian11allrubygems< 3.2.5-2rubygems_3.2.5-2_all.deb
Debian999allrubygems< 3.4.20-1rubygems_3.4.20-1_all.deb
Debian13allrubygems< 3.4.20-1rubygems_3.4.20-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	jruby	< 9.3.9.0+ds-8	jruby_9.3.9.0+ds-8_all.deb
Debian	10	all	jruby	< 9.1.17.0-3	jruby_9.1.17.0-3_all.deb
Debian	999	all	jruby	< 9.4.6.0+ds-1.1	jruby_9.4.6.0+ds-1.1_all.deb
Debian	13	all	jruby	< 9.4.6.0+ds-1.1	jruby_9.4.6.0+ds-1.1_all.deb
Debian	12	all	rubygems	< 3.3.15-2	rubygems_3.3.15-2_all.deb
Debian	11	all	rubygems	< 3.2.5-2	rubygems_3.2.5-2_all.deb
Debian	999	all	rubygems	< 3.4.20-1	rubygems_3.4.20-1_all.deb
Debian	13	all	rubygems	< 3.4.20-1	rubygems_3.4.20-1_all.deb