Lucene search
+L

9 matches found

redhatcve
redhatcve
added 2026/01/09 11:52 a.m.10 views

CVE-2009-4123

The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate validation...

7.5CVSS6.9AI score0.006EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-0176

Malware in sbrugna...

7.5CVSS6.9AI score0.03167EPSS
Exploits1References18
redhatcve
redhatcve
added 2025/05/07 8:15 p.m.9 views

CVE-2025-46551

A security issue was discovered in JRuby-OpenSSL gem for JRuby. When verifying SSL certificates, jruby-openssl does not confirm that the hostname presented in the certificate matches the hostname of the system in which it is attempting to connect. A man-in-the-middle can present a valid certifica...

6.5CVSS6.3AI score0.0016EPSS
Exploits1References5
nvd
nvd
added 2023/12/12 4:15 p.m.17 views

CVE-2009-4123

The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate validation...

7.5CVSS0.006EPSS
Exploits0References4
cve
cve
added 2023/12/12 12:0 a.m.111 views

CVE-2009-4123

CVE-2009-4123 affects the jruby-openssl gem for JRuby, with versions prior to 0.6 mishandling SSL certificate validation. The issue enables attackers to masquerade as a legitimate SSL server by abusing certificate validation logic, per Red Hat andVeracode entries, which detail faulty handling suc...

7.5CVSS7.5AI score0.006EPSS
Exploits0References4Affected Software1
f5
f5
added 2023/02/21 6:59 p.m.55 views

K30215094: Ruby vulnerability CVE-2016-7798

Security Advisory Description The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. CVE-2016-7798 Impact There is no impact; F5...

7.5CVSS7AI score0.03167EPSS
Exploits1
nessus
nessus
added 2020/04/15 12:0 a.m.31 views

EulerOS 2.0 SP3 : ruby (EulerOS-SA-2020-1432)

According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for...

7.5CVSS7AI score0.03167EPSS
Exploits1References2
nessus
nessus
added 2019/09/17 12:0 a.m.26 views

EulerOS 2.0 SP2 : ruby (EulerOS-SA-2019-1868)

According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for...

7.5CVSS7AI score0.03167EPSS
Exploits1References2
osv
osv
added 2017/01/30 10:59 p.m.3 views

DEBIAN-CVE-2016-7798

The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism...

7.5CVSS6.8AI score0.03167EPSS
Exploits1References1
Rows per page
Query Builder