Search for packages
| purl | pkg:deb/debian/rubygems@1.8.24-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-fx2c-u8eb-dufe | HTTP Request Smuggling RubyGems can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack. |
CVE-2012-2125
GHSA-228f-g3h7-3fj3 OSV-85809 |
| VCID-hpng-v58x-xua5 | Cryptographic Issues RubyGems does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack. |
CVE-2012-2126
GHSA-5mgj-mvv8-46mw OSV-81444 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T09:46:45.671299+00:00 | Debian Importer | Fixing | VCID-fx2c-u8eb-dufe | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T09:11:52.395330+00:00 | Debian Importer | Fixing | VCID-hpng-v58x-xua5 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T06:31:51.912782+00:00 | Debian Importer | Fixing | VCID-fx2c-u8eb-dufe | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T18:09:20.267036+00:00 | Debian Importer | Fixing | VCID-hpng-v58x-xua5 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:52:25.664691+00:00 | Debian Importer | Fixing | VCID-hpng-v58x-xua5 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:52:25.622950+00:00 | Debian Importer | Fixing | VCID-fx2c-u8eb-dufe | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |