Vulnerabilities > Ruby Lang > Openssl > 0.1.0

DATE CVE VULNERABILITY TITLE RISK
2018-11-16 CVE-2018-16395 An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3.
network
low complexity
ruby-lang canonical debian redhat
7.5
2017-01-30 CVE-2016-7798 Inadequate Encryption Strength vulnerability in multiple products
The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.
network
low complexity
ruby-lang debian CWE-326
5.0