VDB

DEBIAN-CVE-2012-2126

DEBIAN-CVE-2012-2126 PUBLISHED

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.

Affected Products

VendorProductVersions
Debian:12rubygems0, 0, 0
Debian:14rubygems0, 0, 0
Debian:13rubygems0, 0, 0
Debian:11rubygems0, 0, 0

Timeline

  • Oct 1, 2013 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›