CVE-2017-17718

The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation.
References
Link Resource
http://openwall.com/lists/oss-security/2017/12/17/10 Issue Tracking Mailing List Third Party Advisory
https://github.com/ruby-ldap/ruby-net-ldap/issues/258 Issue Tracking Patch Third Party Advisory
https://github.com/ruby-ldap/ruby-net-ldap/pull/279 Issue Tracking Patch Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:net-ldap_project:net-ldap:0.0.5:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.1.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.1.1:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.2:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.2.1:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.2.2:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.3.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.3.1:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.5.1:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.6.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.6.1:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.7.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.8.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.9.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.10.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.10.1:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.11:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.12.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.12.1:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.13.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.14.0:*:*:*:*:ruby:*:*
cpe:2.3:a:net-ldap_project:net-ldap:0.15.0:*:*:*:*:ruby:*:*

History

No history.

Information

Published : 2017-12-17 21:29

Updated : 2024-02-28 16:04


NVD link : CVE-2017-17718

Mitre link : CVE-2017-17718

CVE.ORG link : CVE-2017-17718


JSON object : View

Products Affected

net-ldap_project

  • net-ldap
CWE
CWE-295

Improper Certificate Validation