VYPR

RubyGems package

http

pkg:gem/http

Vulnerabilities (1)

  • CVE-2015-1828MedOct 6, 2017
    affected >= 0.7.0, < 0.7.3fixed 0.7.3

    The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack.