Fedora Update for rubygems FEDORA-2013-17662

Check for the Version of rubygems OpenVAS Vulnerability Test Fedora Update for rubygems FEDORA-2013-17662 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 18 Update: rubygems-1.8.25-8.fc18

RubyGems is the Ruby standard for publishing and managing third party libraries...

[SECURITY] Fedora 19 Update: rubygems-2.0.10-106.fc19

RubyGems is the Ruby standard for publishing and managing third party libraries...

Fedora 18 : rubygems-1.8.25-8.fc18 (2013-17649)

Previously a security flow was found on rubygems for validating versions with a regular expression which is vulnerable to denial of service due to backtracking. Although this was thought to be fixed in the previous rubygems, the fix was found imcomplete and the imcompleteness is now assigned as...

Fedora 19 : rubygems-2.0.10-106.fc19 (2013-17662)

Previously a security flow was found on rubygems for validating versions with a regular expression which is vulnerable to denial of service due to backtracking. Although this was thought to be fixed in the previous rubygems, the fix was found imcomplete and the imcompleteness is now assigned as...

CVE-2012-2126

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack...

CVE-2012-2125

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...

CVE-2012-2126

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack...

CVE-2012-2125

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...

Design/Logic Flaw

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...

Design/Logic Flaw

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack...

CVE-2012-2126

CVE-2012-2126 affects RubyGems prior to 1.8.23, where SSL certificate verification is not performed, enabling an attacker to perform a MITM attack to modify a gem during installation. Public references indicate the issue is addressed by upgrading RubyGems (e.g., to 1.8.23 or later) in affected en...

CVE-2012-2126

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack...

CVE-2012-2125

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...

CVE-2012-2126

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack...

CVE-2012-2125

CVE-2012-2125 affects RubyGems prior to 1.8.23, where HTTPS connections could be redirected to HTTP, enabling a remote attacker to observe or modify a gem during installation via a man‑in‑the‑middle. The accompanying open‑source advisories and OS patch references document this issue across multip...

CVE-2012-2125

RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...

[SECURITY] Fedora 20 Update: rubygems-2.0.10-106.fc20

RubyGems is the Ruby standard for publishing and managing third party libraries...

Amazon Linux AMI : rubygems (ALAS-2013-230)

Algorithmic complexity vulnerability in Gem::Version::VERSIONPATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service CPU...

Fedora 20 : rubygems-2.0.10-106.fc20 (2013-17603)

Previously a security flow was found on rubygems for validating versions with a regular expression which is vulnerable to denial of service due to backtracking. Although this was thought to be fixed in the previous rubygems, the fix was found imcomplete and the imcompleteness is now assigned as...