Lucene search
GoogleOSV:GHSA-WW79-8XWV-932XHistoryOct 24, 2017 - 6:33 p.m.
rbovirt uses the rest-client gem with SSL verification disabled
2017-10-2418:33:36
Google
osv.dev
4
0.002 Low
EPSS
Percentile
53.6%
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
References
lists.fedoraproject.org/pipermail/package-announce/2014-March/130148.html
lists.fedoraproject.org/pipermail/package-announce/2014-March/130180.html
seclists.org/oss-sec/2014/q1/509
bugzilla.redhat.com/show_bug.cgi?id=1058595
github.com/abenari/rbovirt
github.com/rubysec/ruby-advisory-db/blob/master/gems/rbovirt/CVE-2014-0036.yml
nvd.nist.gov/vuln/detail/CVE-2014-0036
Related
openvas
openvas
Fedora Update for rubygem-rbovirt FEDORA-2014-3526
2014-03-17 00:00:00
Fedora Update for rubygem-rbovirt FEDORA-2014-3573
2014-03-17 00:00:00
Fedora Update for rubygem-rbovirt FEDORA-2014-3526
2014-03-17 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: rubygem-rbovirt-0.0.18-4.fc19
2014-03-15 15:18:05
[SECURITY] Fedora 20 Update: rubygem-rbovirt-0.0.18-4.fc20
2014-03-15 15:23:32
prion
prion
Design/Logic Flaw
2014-04-17 14:55:00
nvd
nvd
CVE-2014-0036
2014-04-17 14:55:06
nessus
nessus
Fedora 20 : rubygem-rbovirt-0.0.18-4.fc20 (2014-3526)
2014-03-17 00:00:00
Fedora 19 : rubygem-rbovirt-0.0.18-4.fc19 (2014-3573)
2014-03-17 00:00:00
cve
cve
CVE-2014-0036
2014-04-17 14:55:06
cvelist
cvelist
CVE-2014-0036
2014-04-17 14:00:00
github
github
rbovirt uses the rest-client gem with SSL verification disabled
2017-10-24 18:33:36
rubygems
rubygems
CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client
2014-03-04 20:00:00