Description
The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation mechanism.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2012-0504 Vulnerability (CVE-2012-0504)
Contao Improper Input Validation Vulnerability (CVE-2020-25768)
Microsoft SQL Server CVE-2023-32026 Vulnerability (CVE-2023-32026)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-1648)
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41080)