[FREEBSD:54237182-9635-4A8B-92D7-33BFAEED84CD] ruby-gems -- Algorithmic Complexity Vulnerability
Severity
Medium
Affected Packages
2
CVEs
1
Ruby Gem developers report:
RubyGems validates versions with a regular expression that is
vulnerable to denial of service due to backtracking. For specially
crafted RubyGems versions attackers can cause denial of service
through CPU consumption.
| Package | Affected Version |
|---|---|
 pkg:freebsd/ruby20-gems
|
< 1.8.26 |
|
pkg:freebsd/ruby19-gems
|
< 1.8.26 |
- ID
- FREEBSD:54237182-9635-4A8B-92D7-33BFAEED84CD
- Severity
- medium
- Severity from
- CVE-2013-4287
- URL
- http://vuxml.freebsd.org/freebsd/54237182-9635-4a8b-92d7-33bfaeed84cd.html
- Published
-
2013-09-09T00:00:00
(11 years ago) - Modified
-
2013-11-24T00:00:00
(10 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
ALAS-2013-230
ELSA-2013-1441
FEDORA-2013-16251
RHSA-2013:1441
RUBYSEC:RUBYGEMS-UPDATE-2013-4287| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:freebsd/ruby20-gems |
ruby20-gems
|
< 1.8.26 | ||||
| Affected | pkg:freebsd/ruby19-gems |
ruby19-gems
|
< 1.8.26 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |