CVE-2014-0036

The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
amos_benarirbovirt
𝑥
≤ 0.0.23
amos_benarirbovirt
0.0.1
amos_benarirbovirt
0.0.2
amos_benarirbovirt
0.0.3
amos_benarirbovirt
0.0.4
amos_benarirbovirt
0.0.5
amos_benarirbovirt
0.0.6
amos_benarirbovirt
0.0.7
amos_benarirbovirt
0.0.8
amos_benarirbovirt
0.0.9
amos_benarirbovirt
0.0.10
amos_benarirbovirt
0.0.11
amos_benarirbovirt
0.0.12
amos_benarirbovirt
0.0.13
amos_benarirbovirt
0.0.14
amos_benarirbovirt
0.0.15
amos_benarirbovirt
0.0.16
amos_benarirbovirt
0.0.17
amos_benarirbovirt
0.0.18
amos_benarirbovirt
0.0.19
amos_benarirbovirt
0.0.20
amos_benarirbovirt
0.0.21
amos_benarirbovirt
0.0.22
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130148.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130180.html
http://seclists.org/oss-sec/2014/q1/509
https://bugzilla.redhat.com/show_bug.cgi?id=1058595
http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130148.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130180.html
http://seclists.org/oss-sec/2014/q1/509
https://bugzilla.redhat.com/show_bug.cgi?id=1058595