(RHSA-2021:0937) Important: rubygem-em-http-request security update

2021-03-1812:26:33

access.redhat.com

0.001 Low

EPSS

Percentile

39.5%

JSON

EventMachine based, async HTTP Request client.

Security Fix(es):

missing SSL hostname validation allows MITM (CVE-2020-13482)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7ppc64lerubygem-em-http-request< 1.1.5-4.el7ostrubygem-em-http-request-1.1.5-4.el7ost.ppc64le.rpm
RedHat7x86_64rubygem-em-http-request< 1.1.5-4.el7ostrubygem-em-http-request-1.1.5-4.el7ost.x86_64.rpm
RedHat7ppc64lerubygem-em-http-request-debuginfo< 1.1.5-4.el7ostrubygem-em-http-request-debuginfo-1.1.5-4.el7ost.ppc64le.rpm
RedHat7x86_64rubygem-em-http-request-debuginfo< 1.1.5-4.el7ostrubygem-em-http-request-debuginfo-1.1.5-4.el7ost.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	ppc64le	rubygem-em-http-request	< 1.1.5-4.el7ost	rubygem-em-http-request-1.1.5-4.el7ost.ppc64le.rpm
RedHat	7	x86_64	rubygem-em-http-request	< 1.1.5-4.el7ost	rubygem-em-http-request-1.1.5-4.el7ost.x86_64.rpm
RedHat	7	ppc64le	rubygem-em-http-request-debuginfo	< 1.1.5-4.el7ost	rubygem-em-http-request-debuginfo-1.1.5-4.el7ost.ppc64le.rpm
RedHat	7	x86_64	rubygem-em-http-request-debuginfo	< 1.1.5-4.el7ost	rubygem-em-http-request-debuginfo-1.1.5-4.el7ost.x86_64.rpm

0.001 Low

EPSS

Percentile

39.5%

JSON

Related for RHSA-2021:0937