ADVISORIES
- CVE-2014-0036 (NVD)
- GHSA-ww79-8xwv-932x
- OSVDB-104080
GEM
SEVERITY
CVSS v2.0: 6.8 (Medium)
PATCHED VERSIONS
- >= 0.0.24
DESCRIPTION
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.