Description

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.

Remediation

References

CVE-2012-2126

Related Vulnerabilities

Squid Other Vulnerability (CVE-2016-4556)

WordPress Plugin WordPress Access Areas Security Bypass (1.3.0)

WordPress Plugin WP Google Review Slider SQL Injection (6.1)

WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Cross-Site Scripting (3.2.12)

WordPress Plugin SiteGround Security Security Bypass (1.2.5)

Severity

Medium

Classification

CVE-2012-2126

Tags

Missing Update Known Vulnerabilities