The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation mechanism.

Related CVEs

CVE-2011-4121

Key Information

GHSA ID

GHSA-mjg4-5rfj-952f

Published

April 22, 2022 12:24 AM

Last Modified

April 3, 2024 11:05 PM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 20, 2025 6:19 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.