MGASA-2013-0229

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2013-4073

Published: 26 Jul 2013, 11:29

Last modified:16 Apr 2026, 06:26

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

26 Jul 2013, 11:29

Published

Vulnerability first disclosed

16 Apr 2026, 06:26

Last Modified

Vulnerability information updated

Description

Updated ruby packages fix CVE-2013-4073 A vulnerability in Ruby's SSL client that could allow man-in-the-middle attackers to spoof SSL servers via valid certificate issued by a trusted certification authority (CVE-2013-4073).

Affected Systems

mageia•ruby
< 1.8.7.p358-1.3.mga2
mageia•ruby
< 1.9.3.p448-1.mga3
mageia•ruby-linecache19
< 0.5.13-5.1.mga3
mageia•ruby-ruby-debug-base19
< 0.11.26-5.1.mga3

References (4)

https://advisories.mageia.org/MGASA-2013-0229.html
http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
http://www.ubuntu.com/usn/usn-1902-1/
https://bugs.mageia.org/show_bug.cgi?id=10637