[USN-1902-1] Ruby vulnerability
Severity
Medium
CVEs
1
An attacker could trick Ruby into trusting a rogue server.
William (B.J.) Snow Orvis discovered that Ruby incorrectly verified the
hostname in SSL certificates. An attacker could trick Ruby into trusting a
rogue server certificate, which was signed by a trusted certificate
authority, to perform a machine-in-the-middle attack.
- ID
- USN-1902-1
- Severity
- medium
- Severity from
- CVE-2013-4073
- URL
- https://ubuntu.com/security/notices/USN-1902-1
- Published
-
2013-07-09T15:13:12
(11 years ago) - Modified
-
2013-07-09T15:13:12
(11 years ago) - Other Advisories
DSA-2738-1
ELSA-2013-1090
FEDORA-2013-12062
FREEBSD:EBD877B9-7EF4-4375-B1FD-C67780581898
RHSA-2013:1090
SSA:2013-178-01| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |