CVE-2017-17718

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-17718

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-17718.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-17718

Aliases

GHSA-m7p8-9w66-9frm

Related

Published

2017-12-17T21:29:00Z

Modified

2024-09-18T02:47:25.708303Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation.

References

Affected packages

Debian:11 / ruby-net-ldap

Package

Name: ruby-net-ldap
Purl: pkg:deb/debian/ruby-net-ldap?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.16.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ruby-net-ldap

Package

Name: ruby-net-ldap
Purl: pkg:deb/debian/ruby-net-ldap?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.16.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ruby-net-ldap

Package

Name: ruby-net-ldap
Purl: pkg:deb/debian/ruby-net-ldap?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.16.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/ruby-ldap/ruby-net-ldap

Affected ranges

Type: GIT
Repo: https://github.com/ruby-ldap/ruby-net-ldap
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

02804d7c18050d7397beaa7c43d65b56bbf30521

Last affected

028cdeebbd5ff8262ddcaa12811253536a6edcd3

Last affected

449370b5cfeae01a1d9a425fa0e649462ae83840

Last affected

51a7ea4f23432b808dec207d106173ba8d124233

Last affected

a046753c9fdd622be3bdd25ed244eb7cc7f1543c

Last affected

d4a73558ef847d6e0e19f5697f3e1003d1758d15

Last affected

d6ad919717a05b98b1c2f32f7292fe19381a9a82

Last affected

e37ce91b6e4422bce3fd1092119ebe42a3c986ec

Last affected

f765a75fd07f37363a4c9b80f5bb828956746f5f

Affected versions

v0.*

v0.2

v0.2.1

v0.2.2

v0.5.0

v0.5.1

v0.6.0

v0.6.1

v0.7.0