CVE-2015-4020
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
25/08/2015
Last modified:
12/04/2025
Description
RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a "DNS hijack attack." NOTE: this vulnerability exists because to an incomplete fix for CVE-2015-3900.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.0:preview2:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.0:preview2.1:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.0:preview2.2:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:rubygems:rubygems:2.0.8:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://blog.rubygems.org/2015/06/08/2.2.5-released.html
- http://blog.rubygems.org/2015/06/08/2.4.8-released.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.securityfocus.com/bid/75431
- https://github.com/rubygems/rubygems/commit/5c7bfb5
- https://puppet.com/security/cve/CVE-2015-3900
- https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-009/?fid=6478
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/
- http://blog.rubygems.org/2015/06/08/2.2.5-released.html
- http://blog.rubygems.org/2015/06/08/2.4.8-released.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.securityfocus.com/bid/75431
- https://github.com/rubygems/rubygems/commit/5c7bfb5
- https://puppet.com/security/cve/CVE-2015-3900
- https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-009/?fid=6478
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900/