1 ignored security issue in jessie

package:
ruby-http
severity:
low
created:
2017-10-07
last updated:
2019-02-12

There is 1 open security issue in jessie.
1 issue skipped by the security teams:
  • CVE-2015-1828: The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack.
Please fix it.