VDB
CVE-2015-3900
CVE-2015-3900
PUBLISHED
EPSS 2.40% · 85.4th percentile
Risk Scores
EPSS Score
2.40%
85.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | ruby21 | |
| Amazon | ruby20 | |
| Amazon | ruby22 |
Exploit Intelligence
- Request Hijacking Vulnerability In RubyGems 2.4.6 And Earlier (hackerone)
- Request Hijacking Vulnerability In RubyGems 2.4.6 And Earlier (hackerone)
- Request Hijacking Vulnerability in RubyGems 2.6.11 and earlier (hackerone)
- Request Hijacking Vulnerability in RubyGems 2.6.11 and earlier (hackerone)
- Request Hijacking Vulnerability in RubyGems 2.6.11 and earlier (hackerone)
Timeline
- CVE Published
- May 14, 2015 PoC Published
- Aug 30, 2017 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Dec 17, 2024 EPSS Score
- Mar 29, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
- Jun 1, 2025 EPSS Score
- Jun 4, 2025 EPSS Score
- Jul 1, 2025 EPSS Score
- Jul 4, 2025 EPSS Score
References
- ALAS-2015-547: ruby20 (medium) advisory
- ALAS-2015-548: ruby21 (medium) advisory
- ALAS-2015-549: ruby22 (medium) advisory