Lucene search
GoogleOSV:CVE-2016-7798HistoryJan 30, 2017 - 10:59 p.m.
CVE-2016-7798
2017-01-3022:59:00
Google
osv.dev
13
The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.
References
www.openwall.com/lists/oss-security/2016/09/19/9
www.openwall.com/lists/oss-security/2016/09/30/6
www.openwall.com/lists/oss-security/2016/10/01/2
www.securityfocus.com/bid/93031
github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062
github.com/ruby/openssl/issues/49
lists.debian.org/debian-lts-announce/2018/07/msg00012.html
www.debian.org/security/2017/dsa-3966
Related
nessus
nessus
Fedora 25 : ruby (2017-7faa3d2e78)
2017-08-07 00:00:00
EulerOS 2.0 SP3 : ruby (EulerOS-SA-2020-1432)
2020-04-15 00:00:00
Fedora 24 : ruby (2017-f16ba664e7)
2017-08-11 00:00:00
cvelist
cvelist
CVE-2016-7798
2017-01-30 22:00:00
amazon
amazon
Medium: ruby23
2017-08-31 15:57:00
redhatcve
redhatcve
CVE-2016-7798
2016-10-04 11:47:20
mageia
mageia
Updated ruby packages fix a security vulnerability
2016-10-13 10:20:57
fedora
fedora
[SECURITY] Fedora 25 Update: ruby-2.3.3-62.fc25
2017-08-04 20:51:00
[SECURITY] Fedora 24 Update: ruby-2.3.3-62.fc24
2017-08-04 19:48:31
openvas
openvas
Fedora Update for ruby FEDORA-2017-f16ba664e7
2017-08-07 00:00:00
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1432)
2020-04-16 00:00:00
Fedora Update for ruby FEDORA-2017-7faa3d2e78
2017-08-07 00:00:00
debiancve
debiancve
CVE-2016-7798
2017-01-30 22:59:00
osv
osv
OpenSSL gem for Ruby using inadequate encryption strength
2017-10-24 18:33:35
ruby2.3 - security update
2017-09-05 00:00:00
ruby2.1 - security update
2018-07-13 00:00:00
cve
cve
CVE-2016-7798
2017-01-30 22:59:00
nvd
nvd
CVE-2016-7798
2017-01-30 22:59:00
github
github
OpenSSL gem for Ruby using inadequate encryption strength
2017-10-24 18:33:35
f5
f5
K30215094 : Ruby vulnerability CVE-2016-7798
2017-03-02 00:00:00
prion
prion
Design/Logic Flaw
2017-01-30 22:59:00
ubuntucve
ubuntucve
CVE-2016-7798
2017-01-30 00:00:00
rubygems
rubygems
Incorrect handling of initialization vector in the GCM mode in OpenSSL
2017-10-23 21:00:00
cbl_mariner
cbl_mariner
CVE-2016-7798 affecting package openssl 1.1.1g-6
2021-08-11 06:39:26
debian
debian
[SECURITY] [DSA 3966-1] ruby2.3 security update
2017-09-05 20:17:58
[SECURITY] [DLA 1421-1] ruby2.1 security update
2018-07-14 06:28:37
ubuntu
ubuntu
Ruby vulnerabilities
2017-07-25 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1939
2021-07-02 17:38:47