Vulnerability Name:

CVE-2007-5162 (CCN-36861)

Assigned:2007-09-27
Published:2007-09-27
Updated:2018-10-15
Summary:The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.4 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-287
Vulnerability Consequences:Other
References:Source: CCN
Type: BugTraq Mailing List, Thu Sep 27 2007 - 18:01:36 CDT
Ruby Net::HTTPS library does not validate server certificate CN

Source: MITRE
Type: CNA
CVE-2007-5162

Source: CCN
Type: RHSA-2007-0961
Moderate: ruby security update

Source: CCN
Type: RHSA-2007-0965
Moderate: ruby security update

Source: CCN
Type: SA26985
Ruby "Net::HTTPS" Common Name Verification Security Issue

Source: SECUNIA
Type: UNKNOWN
26985

Source: SECUNIA
Type: UNKNOWN
27044

Source: SECUNIA
Type: UNKNOWN
27432

Source: SECUNIA
Type: UNKNOWN
27576

Source: SECUNIA
Type: UNKNOWN
27673

Source: SECUNIA
Type: UNKNOWN
27756

Source: SECUNIA
Type: UNKNOWN
27764

Source: SECUNIA
Type: UNKNOWN
27769

Source: SECUNIA
Type: UNKNOWN
27818

Source: SECUNIA
Type: UNKNOWN
28645

Source: SECUNIA
Type: UNKNOWN
29556

Source: SREASON
Type: UNKNOWN
3180

Source: CCN
Type: ASA-2007-487
Ruby security update (RHSA-2007-0961)

Source: CONFIRM
Type: Patch
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13499

Source: CONFIRM
Type: Patch
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13500

Source: CCN
Type: Ruby Web site
Revision 13502

Source: CONFIRM
Type: Patch
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13502

Source: CONFIRM
Type: Patch
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13504

Source: DEBIAN
Type: UNKNOWN
DSA-1410

Source: DEBIAN
Type: UNKNOWN
DSA-1411

Source: DEBIAN
Type: UNKNOWN
DSA-1412

Source: DEBIAN
Type: DSA-1410
ruby1.8 -- programming error

Source: DEBIAN
Type: DSA-1411
libopenssl-ruby -- programming error

Source: DEBIAN
Type: DSA-1412
ruby1.9 -- programming error

Source: CCN
Type: iSEC Partners Security Advisory - 2007-006-RubySSL
Ruby Net::HTTPS library does not validate server certificate CN

Source: MISC
Type: UNKNOWN
http://www.isecpartners.com/advisories/2007-006-rubyssl.txt

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:029

Source: SUSE
Type: UNKNOWN
SUSE-SR:2007:024

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0961

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0965

Source: BUGTRAQ
Type: UNKNOWN
20070927 Ruby Net::HTTPS library does not validate server certificate CN

Source: BUGTRAQ
Type: UNKNOWN
20071112 FLEA-2007-0068-1 ruby

Source: BID
Type: Patch
25847

Source: CCN
Type: BID-25847
Ruby Net::HTTP SSL Insecure Certificate Validation Weakness

Source: CCN
Type: USN-596-1
Ruby vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-596-1

Source: VUPEN
Type: UNKNOWN
ADV-2007-3340

Source: MISC
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=313791

Source: XF
Type: UNKNOWN
ruby-nethttps-mitm(36861)

Source: XF
Type: UNKNOWN
ruby-nethttps-mitm(36861)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10738

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-718

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-2406

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-2685

Source: SUSE
Type: SUSE-SR:2007:024
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
  • AND
  • cpe:/o:suse:suse_linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.5.z:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.5.z:*:es:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20075162
    V
    CVE-2007-5162
    2022-05-20
    oval:org.opensuse.security:def:42436
    P
    Security update for expat (Important)
    2022-04-19
    oval:org.opensuse.security:def:31756
    P
    Security update for apache2 (Important)
    2022-01-12
    oval:org.opensuse.security:def:31755
    P
    Security update for libvirt (Important)
    2022-01-10
    oval:org.opensuse.security:def:31373
    P
    Security update for net-snmp (Important)
    2022-01-05
    oval:org.opensuse.security:def:26180
    P
    Security update for php74 (Moderate)
    2021-12-06
    oval:org.opensuse.security:def:31715
    P
    Security update for the Linux Kernel (Important)
    2021-12-06
    oval:org.opensuse.security:def:26179
    P
    Security update for gmp (Moderate)
    2021-12-02
    oval:org.opensuse.security:def:31713
    P
    Security update for clamav (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:31299
    P
    Security update for qemu (Important)
    2021-11-10
    oval:org.opensuse.security:def:32210
    P
    Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:26155
    P
    Security update for cairo (Low)
    2021-10-22
    oval:org.opensuse.security:def:32209
    P
    Security update for postgresql10 (Important)
    2021-10-20
    oval:org.opensuse.security:def:31288
    P
    Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:31287
    P
    Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:42227
    P
    Security update for rpm (Important)
    2021-10-15
    oval:org.opensuse.security:def:26123
    P
    Security update for openssl-1_0_0 (Low)
    2021-09-09
    oval:org.opensuse.security:def:26115
    P
    Security update for libesmtp (Important)
    2021-09-02
    oval:org.opensuse.security:def:32992
    P
    Security update for gstreamer-plugins-good (Moderate)
    2021-09-02
    oval:org.opensuse.security:def:26104
    P
    Security update for libcares2 (Important)
    2021-08-16
    oval:org.opensuse.security:def:32161
    P
    Security update for cpio (Important)
    2021-08-14
    oval:org.opensuse.security:def:26103
    P
    Security update for the Linux Kernel (Important)
    2021-08-10
    oval:org.opensuse.security:def:26102
    P
    Security update for php72 (Important)
    2021-08-06
    oval:org.opensuse.security:def:31654
    P
    Security update for MozillaFirefox (Important)
    2021-07-16
    oval:org.opensuse.security:def:26088
    P
    Security update for the Linux Kernel (Important)
    2021-07-14
    oval:org.opensuse.security:def:32953
    P
    Security update for ovmf (Important)
    2021-06-22
    oval:org.opensuse.security:def:32122
    P
    Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:36289
    P
    ruby-1.8.7.p357-0.9.17.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36554
    P
    ruby-devel-1.8.7.p357-0.9.17.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42696
    P
    ruby-1.8.7.p357-0.9.17.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31191
    P
    Security update for gstreamer-plugins-bad (Important)
    2021-06-07
    oval:org.opensuse.security:def:32105
    P
    Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-06-04
    oval:org.opensuse.security:def:32107
    P
    Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)
    2021-06-04
    oval:org.opensuse.security:def:26049
    P
    Security update for lz4 (Important)
    2021-05-14
    oval:org.opensuse.security:def:26042
    P
    Security update for cups (Important)
    2021-04-30
    oval:org.opensuse.security:def:32065
    P
    Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:32063
    P
    Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:32271
    P
    Security update for git (Important)
    2021-03-09
    oval:org.opensuse.security:def:26208
    P
    Security update for git (Important)
    2021-03-09
    oval:org.opensuse.security:def:31741
    P
    Security update for wpa_supplicant (Important)
    2021-03-09
    oval:org.opensuse.security:def:32249
    P
    Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:31323
    P
    Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:26146
    P
    Security update for python3 (Important)
    2021-02-08
    oval:org.opensuse.security:def:32002
    P
    Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:31559
    P
    Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:35637
    P
    ruby-1.8.7.p72-5.24.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35820
    P
    ruby-1.8.7.p357-0.7.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:42044
    P
    ruby-1.8.7.p72-5.24.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:36029
    P
    ruby-1.8.7.p357-0.9.9.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25371
    P
    Security update for python-ipaddress (Important)
    2020-12-01
    oval:org.opensuse.security:def:31505
    P
    Security update for python27 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27552
    P
    ruby-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25838
    P
    Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:31841
    P
    Security update for bzip2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26529
    P
    cifs-mount on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25906
    P
    Security update for sane-backends (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32745
    P
    lvm2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25446
    P
    Security update for nfs-utils (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26257
    P
    Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32575
    P
    log4net on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25850
    P
    Security update for libreoffice (Low)
    2020-12-01
    oval:org.opensuse.security:def:26733
    P
    lcms on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31106
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25655
    P
    Security update for spice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31897
    P
    Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:26570
    P
    kdebase3-runtime on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33252
    P
    ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31495
    P
    Security update for Python
    2020-12-01
    oval:org.opensuse.security:def:26821
    P
    squid3 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26819
    P
    ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25188
    P
    Security update for texlive (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25796
    P
    Security update for util-linux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27252
    P
    openslp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31507
    P
    Security update for python27 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32421
    P
    Security update for wireshark (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31925
    P
    Security update for ghostscript-library (Important)
    2020-12-01
    oval:org.opensuse.security:def:25200
    P
    Security update for java-1_8_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31415
    P
    Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26000
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25579
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26415
    P
    Security update for python-Django (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32509
    P
    fetchmail on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32602
    P
    ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25392
    P
    Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:25654
    P
    Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:31862
    P
    Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26517
    P
    NetworkManager-gnome on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26602
    P
    libsndfile on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25530
    P
    Security update for virglrenderer (Important)
    2020-12-01
    oval:org.opensuse.security:def:31771
    P
    Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:26354
    P
    Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:25863
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26835
    P
    unrar on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26307
    P
    Security update for conntrack-tools (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25765
    P
    Security update for Adobe Flash Player (Important)
    2020-12-01
    oval:org.opensuse.security:def:31859
    P
    Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27027
    P
    ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25370
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26004
    P
    Security update for shotwell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27517
    P
    mozilla-nss-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31767
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26445
    P
    Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:25867
    P
    Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25382
    P
    Security update for squid (Critical)
    2020-12-01
    oval:org.opensuse.security:def:31597
    P
    Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32531
    P
    ipsec-tools on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25839
    P
    Security update for gimp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31973
    P
    Security update for jakarta-taglibs-standard (Important)
    2020-12-01
    oval:org.opensuse.security:def:26680
    P
    cups on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32784
    P
    ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31105
    P
    Security update for kernel-source (Important)
    2020-12-01
    oval:org.opensuse.security:def:25574
    P
    Security update for MozillaFirefox (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26296
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33213
    P
    nfs-client on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25914
    P
    Security update for firebird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26782
    P
    man on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26784
    P
    mono-core on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31117
    P
    Security update for krb5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25712
    P
    Security update for python36 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31953
    P
    Security update for gstreamer-0_10-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26614
    P
    mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31496
    P
    Security update for python-imaging
    2020-12-01
    oval:org.opensuse.security:def:32365
    P
    Security update for supportutils (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31881
    P
    Security update for dnsmasq (Important)
    2020-12-01
    oval:org.opensuse.security:def:25189
    P
    Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25947
    P
    Security update for freerdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:32041
    P
    Security update for krb5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:27287
    P
    ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25578
    P
    Security update for python-ipaddress (Important)
    2020-12-01
    oval:org.opensuse.security:def:31581
    P
    Security update for tar (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26264
    P
    Security update for gegl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32470
    P
    Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:32563
    P
    libpulse-browse0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25264
    P
    Security update for memcached (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31472
    P
    Security update for ppp (Important)
    2020-12-01
    oval:org.opensuse.security:def:32315
    P
    Security update for rsync (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25590
    P
    Security update for dovecot22 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31805
    P
    Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26468
    P
    Security update for go1.9 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25964
    P
    Security update for libraw (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25473
    P
    Security update for strongswan (Important)
    2020-12-01
    oval:org.opensuse.security:def:26310
    P
    Security update for Cloud Compute 12 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25782
    P
    Security update for evolution-data-server (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31949
    P
    Security update for grub2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26556
    P
    gmime on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26637
    P
    ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25614
    P
    Security update for perl-DBI (Important)
    2020-12-01
    oval:org.opensuse.security:def:31820
    P
    Security update for augeas (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26992
    P
    mozilla-xulrunner192 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25920
    P
    Security update for gstreamer-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26879
    P
    cvs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26388
    P
    Security update for irssi (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25818
    P
    Security update for flash-player (Important)
    2020-12-01
    oval:org.mitre.oval:def:17689
    P
    USN-596-1 -- ruby1.8 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:18414
    P
    DSA-1410-1 ruby1.8 - possible man-in-the-middle attacks
    2014-06-23
    oval:org.mitre.oval:def:18657
    P
    DSA-1412-1 ruby1.9 - possible man-in-the-middle attacks
    2014-06-23
    oval:org.mitre.oval:def:21946
    P
    ELSA-2007:0965: ruby security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:10738
    V
    The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site.
    2013-04-29
    oval:com.redhat.rhsa:def:20070965
    P
    RHSA-2007:0965: ruby security update (Moderate)
    2008-03-20
    oval:org.debian:def:1412
    V
    programming error
    2007-11-24
    oval:org.debian:def:1410
    V
    programming error
    2007-11-24
    oval:org.debian:def:1411
    V
    programming error
    2007-11-24
    oval:com.redhat.rhsa:def:20070961
    P
    RHSA-2007:0961: ruby security update (Moderate)
    2007-11-13
    BACK
    ruby-lang ruby 1.8.5
    ruby-lang ruby 1.8.6
    ruby-lang ruby 1.8.5
    ruby-lang ruby 1.8.6
    suse suse linux *
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    canonical ubuntu 6.06
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    canonical ubuntu 7.04
    redhat enterprise linux 5
    canonical ubuntu 7.10
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2007.1
    redhat enterprise linux 4.5.z
    redhat enterprise linux 4.5.z