RubyGems contains a flaw in the api_endpoint() function in remote_fetcher.rb
that is triggered when handling hostnames in SRV records. With a specially
crafted response, a context-dependent attacker may conduct DNS hijacking
attacks. This vulnerability is due to an incomplete fix for CVE-2015-3900,
which allowed redirection to an arbitrary gem server in any security domain.
CPE | Name | Operator | Version |
---|---|---|---|
rubygems-update | le | 2.0.16 | |
rubygems-update | ge | 2.1.0 | |
rubygems-update | le | 2.2.4 | |
rubygems-update | ge | 2.3.0 | |
rubygems-update | lt | 2.4.8 |