1. Home
  2. Vulnerabilities
  3. CVE-2012-2126

CVE-2012-2126

CVSS v2.0 4.3 (Medium)
43% Progress
EPSS 0.30 % (70th)
0.30% Progress
Affected Products 3
Advisories 8
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.

Weaknesses
CWE-310
Cryptographic Issues
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2013-10-01 17:55:03
(11 years ago)
Updated Date
2014-01-14 04:17:25
(10 years ago)

Affected Products

Canonical

Redhat

Rubygems

Configuration #1

AND
    CPE23 From Up To
OR  
  Rubygems 1.8.22 and prior versions cpe:2.3:a:rubygems:rubygems <= 1.8.22
OR  
  Running on/with
  Rubygems 1.8.0 cpe:2.3:a:rubygems:rubygems:1.8.0
OR  
  Running on/with
  Rubygems 1.8.1 cpe:2.3:a:rubygems:rubygems:1.8.1
OR  
  Running on/with
  Rubygems 1.8.2 cpe:2.3:a:rubygems:rubygems:1.8.2
OR  
  Running on/with
  Rubygems 1.8.3 cpe:2.3:a:rubygems:rubygems:1.8.3
OR  
  Running on/with
  Rubygems 1.8.4 cpe:2.3:a:rubygems:rubygems:1.8.4
OR  
  Running on/with
  Rubygems 1.8.5 cpe:2.3:a:rubygems:rubygems:1.8.5
OR  
  Running on/with
  Rubygems 1.8.6 cpe:2.3:a:rubygems:rubygems:1.8.6
OR  
  Running on/with
  Rubygems 1.8.7 cpe:2.3:a:rubygems:rubygems:1.8.7
OR  
  Running on/with
  Rubygems 1.8.8 cpe:2.3:a:rubygems:rubygems:1.8.8
OR  
  Running on/with
  Rubygems 1.8.9 cpe:2.3:a:rubygems:rubygems:1.8.9
OR  
  Running on/with
  Rubygems 1.8.10 cpe:2.3:a:rubygems:rubygems:1.8.10
OR  
  Running on/with
  Rubygems 1.8.11 cpe:2.3:a:rubygems:rubygems:1.8.11
OR  
  Running on/with
  Rubygems 1.8.12 cpe:2.3:a:rubygems:rubygems:1.8.12
OR  
  Running on/with
  Rubygems 1.8.13 cpe:2.3:a:rubygems:rubygems:1.8.13
OR  
  Running on/with
  Rubygems 1.8.14 cpe:2.3:a:rubygems:rubygems:1.8.14
OR  
  Running on/with
  Rubygems 1.8.15 cpe:2.3:a:rubygems:rubygems:1.8.15
OR  
  Running on/with
  Rubygems 1.8.16 cpe:2.3:a:rubygems:rubygems:1.8.16
OR  
  Running on/with
  Rubygems 1.8.17 cpe:2.3:a:rubygems:rubygems:1.8.17
OR  
  Running on/with
  Rubygems 1.8.18 cpe:2.3:a:rubygems:rubygems:1.8.18
OR  
  Running on/with
  Rubygems 1.8.19 cpe:2.3:a:rubygems:rubygems:1.8.19
OR  
  Running on/with
  Rubygems 1.8.20 cpe:2.3:a:rubygems:rubygems:1.8.20
OR  
  Running on/with
  Rubygems 1.8.21 cpe:2.3:a:rubygems:rubygems:1.8.21
OR  
  Running on/with
  Redhat Openshift 1.2.2 cpe:2.3:a:redhat:openshift:1.2.2:*:*:*:enterprise
OR  
  Running on/with
  Canonical Ubuntu Linux 12.04 Lts Edition cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts