[FREEBSD:54237182-9635-4A8B-92D7-33BFAEED84CD] ruby-gems -- Algorithmic Complexity Vulnerability
Severity
Medium
Affected Packages
2
CVEs
1
Ruby Gem developers report:
RubyGems validates versions with a regular expression that is
vulnerable to denial of service due to backtracking. For specially
crafted RubyGems versions attackers can cause denial of service
through CPU consumption.
Package | Affected Version |
---|---|
pkg:freebsd/ruby20-gems | < 1.8.26 |
pkg:freebsd/ruby19-gems | < 1.8.26 |
- ID
- FREEBSD:54237182-9635-4A8B-92D7-33BFAEED84CD
- Severity
- medium
- Severity from
- CVE-2013-4287
- URL
- http://vuxml.freebsd.org/freebsd/54237182-9635-4a8b-92d7-33bfaeed84cd.html
- Published
-
2013-09-09T00:00:00
(11 years ago) - Modified
-
2013-11-24T00:00:00
(10 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/ruby20-gems | ruby20-gems | < 1.8.26 | ||||
Affected | pkg:freebsd/ruby19-gems | ruby19-gems | < 1.8.26 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |