{"id":"CVE-2017-17718","details":"The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation.","aliases":["GHSA-m7p8-9w66-9frm"],"modified":"2026-04-10T03:58:02.850713Z","published":"2017-12-17T21:29:00.267Z","references":[{"type":"REPORT","url":"http://openwall.com/lists/oss-security/2017/12/17/10"},{"type":"FIX","url":"https://github.com/ruby-ldap/ruby-net-ldap/issues/258"},{"type":"FIX","url":"https://github.com/ruby-ldap/ruby-net-ldap/pull/279"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ruby-ldap/ruby-net-ldap","events":[{"introduced":"0"},{"last_affected":"a046753c9fdd622be3bdd25ed244eb7cc7f1543c"},{"introduced":"0"},{"last_affected":"d6ad919717a05b98b1c2f32f7292fe19381a9a82"},{"introduced":"0"},{"last_affected":"028cdeebbd5ff8262ddcaa12811253536a6edcd3"},{"introduced":"0"},{"last_affected":"51a7ea4f23432b808dec207d106173ba8d124233"},{"introduced":"0"},{"last_affected":"f765a75fd07f37363a4c9b80f5bb828956746f5f"},{"introduced":"0"},{"last_affected":"d4a73558ef847d6e0e19f5697f3e1003d1758d15"},{"introduced":"0"},{"last_affected":"02804d7c18050d7397beaa7c43d65b56bbf30521"},{"introduced":"0"},{"last_affected":"449370b5cfeae01a1d9a425fa0e649462ae83840"},{"introduced":"0"},{"last_affected":"e37ce91b6e4422bce3fd1092119ebe42a3c986ec"},{"introduced":"0"},{"last_affected":"77387bfc6a27b1b3b854942d16c09f5c568509ee"},{"introduced":"0"},{"last_affected":"fd2d1ed62df1e65a50627b429bce7a49cd623b04"},{"introduced":"0"},{"last_affected":"c326a4d7623974402979a3aa5ea13299bf4c4590"},{"introduced":"0"},{"last_affected":"2f053dd12264da42d90144341b4c0f0d8a372349"},{"introduced":"0"},{"last_affected":"9f29e158d310dc1c9a7084a87b7d57d4aa47683c"},{"introduced":"0"},{"last_affected":"67d8311aed6de49f4f2007e67b5e01ac7787c88e"},{"introduced":"0"},{"last_affected":"3bf849d415a691b5632f2e20cc637e377b15b2ad"},{"introduced":"0"},{"last_affected":"85e4b92c809fa96f3efb06b5b87c004f5390cc18"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.2"},{"introduced":"0"},{"last_affected":"0.2.1"},{"introduced":"0"},{"last_affected":"0.2.2"},{"introduced":"0"},{"last_affected":"0.5.1"},{"introduced":"0"},{"last_affected":"0.6.0"},{"introduced":"0"},{"last_affected":"0.6.1"},{"introduced":"0"},{"last_affected":"0.7.0"},{"introduced":"0"},{"last_affected":"0.8.0"},{"introduced":"0"},{"last_affected":"0.9.0"},{"introduced":"0"},{"last_affected":"0.10.0"},{"introduced":"0"},{"last_affected":"0.10.1"},{"introduced":"0"},{"last_affected":"0.11"},{"introduced":"0"},{"last_affected":"0.12.0"},{"introduced":"0"},{"last_affected":"0.12.1"},{"introduced":"0"},{"last_affected":"0.13.0"},{"introduced":"0"},{"last_affected":"0.14.0"},{"introduced":"0"},{"last_affected":"0.15.0"}]}}],"versions":["v0.10.0","v0.10.1","v0.11","v0.12.0","v0.12.1","v0.13.0","v0.14.0","v0.15.0","v0.2","v0.2.1","v0.2.2","v0.5.0","v0.5.1","v0.6.0","v0.6.1","v0.7.0","v0.8.0","v0.9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-17718.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"0.0.5"}]},{"events":[{"introduced":"0"},{"last_affected":"0.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"0.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"0.3.0"}]},{"events":[{"introduced":"0"},{"last_affected":"0.3.1"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}