Description
RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-14597 Vulnerability (CVE-2020-14597)
MySQL CVE-2018-3171 Vulnerability (CVE-2018-3171)
FluxBB Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2020-28873)
TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105)
WordPress Plugin Mapplic Lite Server-Side Request Forgery (1.0)