RubyGems package
jruby-openssl
pkg:gem/jruby-openssl
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-46551 | — | >= 0.12.1, < 0.15.4 | 0.15.4 | May 7, 2025 | JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. Starting in JRuby-OpenSSL version 0.12.1 and prior to version 0.15.4 (corresponding to JRuby versions starting in 9.3.4.0 prior to 9.4.12.1 and 10.0.0.0 prior to 10.0.0.1), when verifying SSL | ||
| CVE-2009-4123 | — | < 0.6 | 0.6 | Dec 12, 2023 | The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate validation. |
- CVE-2025-46551May 7, 2025affected >= 0.12.1, < 0.15.4fixed 0.15.4
JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. Starting in JRuby-OpenSSL version 0.12.1 and prior to version 0.15.4 (corresponding to JRuby versions starting in 9.3.4.0 prior to 9.4.12.1 and 10.0.0.0 prior to 10.0.0.1), when verifying SSL
- CVE-2009-4123Dec 12, 2023affected < 0.6fixed 0.6
The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate validation.