{"data_version":"4.0","references":{"reference_data":[{"url":"http://blog.rubygems.org/2018/02/15/2.7.6-released.html"},{"url":"https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964"}]},"description":{"description_data":[{"lang":"eng","value":"RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Input Validation vulnerability in ruby gems specification homepage attribute that can result in a malicious gem could set an invalid homepage URL. This vulnerability appears to have been fixed in 2.7.6."}]},"data_type":"CVE","affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"version":{"version_data":[{"version_value":"Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422"}]},"product_name":"RubyGems"}]},"vendor_name":"RubyGems"}]}},"CVE_data_meta":{"DATE_ASSIGNED":"2/18/2018 8:06:57","ID":"CVE-2018-1000077","ASSIGNER":"kurt@seifried.org","REQUESTER":"craig.ingram@salesforce.com"},"data_format":"MITRE","problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Improper Input Validation"}]}]}}
