CVE-2012-2126

Published: 10/1/2013 Last updated: 8/6/2024 Reserved: 4/4/2012

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a