Description
RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."
References (11)
Core 11
Core References
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1657.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html
Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/06/26/2
Third Party Advisory x_refsource_misc
https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75482
Third Party Advisory x_refsource_misc
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356
Patch, Vendor Advisory x_refsource_confirm
http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html
Various Sources x_refsource_confirm
https://puppet.com/security/cve/CVE-2015-3900
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html
Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Scores
EPSS
0.0240
EPSS Percentile
85.3%
Details
CWE
CWE-254
Status
published
Products (43)
oracle/solaris
11.3
redhat/enterprise_linux
6.0
redhat/enterprise_linux
7.0
ruby-lang/ruby
1.9
ruby-lang/ruby
1.9.1
ruby-lang/ruby
1.9.2
ruby-lang/ruby
1.9.3
ruby-lang/ruby
2.0.0
ruby-lang/ruby
2.1
ruby-lang/ruby
2.1.1
... and 33 more
Published
Jun 24, 2015
Tracked Since
Feb 18, 2026