Lucene search
K

9 matches found

Github Security Blog
Github Security Blog
added 2022/05/13 1:50 a.m.36 views

Ruby Openssl Allows Incorrect Value Comparison

An issue was discovered in the OpenSSL library in Ruby when two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one...

9.8CVSS8.7AI score0.10715EPSS
Exploits0References23Affected Software1
RedhatCVE
RedhatCVE
added 2020/01/25 10:9 p.m.28 views

CVE-2018-16395

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one...

9.8CVSS2AI score0.10715EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/04 5:55 a.m.58 views

Security Bulletin: A vulnerability in Ruby affects PowerKVM

Summary PowerKVM is affected by a vulnerability in Ruby. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2018-16395 DESCRIPTION: Ruby could allow a remote attacker to bypass security restrictions, caused by a flaw when comparing two OpenSSL::X509::Name objects using == ...

9.8CVSS1.1AI score0.10715EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/12 6:5 p.m.36 views

Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private - fluentd

Summary IBM Cloud Private fluentd component is vulnerable to multiple security vulnerabilities Vulnerability Details CVEID: CVE-2018-16396 DESCRIPTION: Ruby could allow a remote attacker to bypass security restrictions, caused by the failure to properly check security controls. By sending a...

10CVSS0.8AI score0.49268EPSS
Exploits4Affected Software1
Amazon
Amazon
added 2018/12/06 12:0 a.m.213 views

Important: ruby23, ruby24

Issue Overview: An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first...

9.8CVSS9.1AI score0.10715EPSS
Exploits0
Cvelist
Cvelist
added 2018/11/16 6:0 p.m.22 views

CVE-2018-16395

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one...

7.3AI score0.10715EPSS
Exploits0References19
Debian CVE
Debian CVE
added 2018/11/16 6:0 p.m.54 views

CVE-2018-16395

Removed by vendor...

9.8CVSS9.4AI score0.10715EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2018/10/26 12:0 a.m.27 views

CVE-2018-16395

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one...

9.8CVSS7.1AI score0.10715EPSS
Exploits0References3
RubySec
RubySec
added 2018/10/17 12:0 a.m.15 views

Incorrect value comparison in Ruby openssl

An issue was discovered in the OpenSSL library in Ruby when two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one...

9.8CVSS6.7AI score0.10715EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder