CVE-2017-0902
CVSS v3.0
8.1 (High)
CVSS v2.0
6.8 (Medium)
EPSS
0.75 % (81th)
Affected Products
9
Advisories
15
RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- HackerOne
- Published Date
-
2017-08-31 20:29:00
(7 years ago) - Updated Date
-
2019-10-09 23:21:10
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...