CVE-2015-1828

Published
View on NVD ↗
CVSS v3
5.9
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT

Description

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack.

ruby/openssl
ruby/openssl
Provides SSL, TLS and general purpose cryptography.
GitHubGitHub
271