Lucene search
Redhat.comRH:CVE-2017-0902HistorySep 01, 2017 - 11:19 a.m.
CVE-2017-0902
2017-09-0111:19:06
redhat.com
access.redhat.com
10
0.008 Low
EPSS
Percentile
81.1%
A vulnerability was found where rubygems did not sanitize DNS responses when requesting the hostname of the rubygems server for a domain, via a _rubygems._tcp DNS SRV query. An attacker with the ability to manipulate DNS responses could direct the gem command towards a different domain.
Related
prion
prion
Spoofing
2017-08-31 20:29:00
alpinelinux
alpinelinux
CVE-2017-0902
2017-08-31 20:29:00
github
github
RubyGems has Origin Validation Error vulnerability
2022-05-13 01:38:25
osv
osv
CVE-2017-0902
2017-08-31 20:29:00
RubyGems has Origin Validation Error vulnerability
2022-05-13 01:38:25
ruby2.3 - security update
2017-09-05 00:00:00
hackerone
hackerone
RubyGems: Request Hijacking Vulnerability in RubyGems 2.6.13 and earlier
2017-10-04 04:06:15
RubyGems: Request Hijacking Vulnerability in RubyGems 2.6.11 and earlier
2017-04-02 17:31:05
ubuntucve
ubuntucve
veracode
veracode
Improper Access Control
2019-05-16 02:16:34
nvd
nvd
CVE-2017-0902
2017-08-31 20:29:00
cve
cve
CVE-2017-0902
2017-08-31 20:29:00
debiancve
debiancve
CVE-2017-0902
2017-08-31 20:29:00
cvelist
cvelist
CVE-2017-0902
2017-08-27 00:00:00
nessus
nessus
Ubuntu 16.04 LTS : Ruby vulnerabilities (USN-3553-1)
2018-02-01 00:00:00
Fedora 26 : rubygems (2017-20214ad330)
2017-09-11 00:00:00
GLSA-201710-01 : RubyGems: Multiple vulnerabilities
2017-10-09 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2018-01-31 00:00:00
Ruby vulnerabilities
2018-06-13 00:00:00
Ruby regression
2021-03-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3553-1)
2018-10-26 00:00:00
Fedora Update for rubygems FEDORA-2017-20214ad330
2017-09-10 00:00:00
Fedora Update for ruby FEDORA-2017-e136d63c99
2017-09-16 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: rubygems-2.6.13-100.fc27
2017-09-30 07:26:40
[SECURITY] Fedora 26 Update: rubygems-2.6.13-100.fc26
2017-09-09 23:57:10
[SECURITY] Fedora 25 Update: ruby-2.3.4-64.fc25
2017-09-16 03:24:34
gentoo
gentoo
RubyGems: Multiple vulnerabilities
2017-10-08 00:00:00
f5
f5
mageia
mageia
Updated ruby-RubyGems packages fix security vulnerabilities
2017-12-31 18:14:43
debian
debian
[SECURITY] [DSA 3966-1] ruby2.3 security update
2017-09-05 20:17:58
[SECURITY] [DLA 1421-1] ruby2.1 security update
2018-07-14 06:28:37
slackware
slackware
[slackware-security] ruby
2017-09-18 19:20:47
redhat
redhat
(RHSA-2017:3485) Moderate: rh-ruby24-ruby security, bug fix, and enhancement update
2017-12-19 08:13:07
(RHSA-2018:0585) Important: rh-ruby23-ruby security, bug fix, and enhancement update
2018-03-26 09:13:23
(RHSA-2018:0378) Important: ruby security update
2018-02-28 16:24:33
amazon
amazon
Medium: ruby22, ruby23
2017-10-02 17:01:00
Medium: ruby24
2017-10-26 17:01:00
ibm
ibm
Security Bulletin: Vulnerabilities in Ruby affect PowerKVM
2018-06-18 01:42:18
oraclelinux
oraclelinux
ruby security update
2018-02-28 00:00:00
centos
centos
ruby, rubygem, rubygems security update
2018-03-10 11:53:01