Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Http.rb Project Subscribe
Filtered by product Http.rb
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-1828 1 Http.rb Project 1 Http.rb 2019-10-17 4.3 MEDIUM 5.9 MEDIUM
The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack.