Lucene search
HistoryNov 16, 2014 - 5:59 p.m.
CVE-2014-3916
cve
ruby
vulnerability
denial of service
segmentation fault
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.8%
The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.
Affected configurations
Node
rubyonrailsrailsMatch1.9.3
ORrubyonrailsrailsMatch2.0.0
ORrubyonrailsrailsMatch2.1.0
Related
ubuntucve
ubuntucve
CVE-2014-3916
2014-11-16 00:00:00
prion
prion
Code injection
2014-11-16 17:59:00
openvas
openvas
Ruby 'str_buf_cat' function Denial-of-Service Vulnerability - Windows
2014-11-21 00:00:00
cvelist
cvelist
CVE-2014-3916
2014-11-16 17:00:00
nvd
nvd
CVE-2014-3916
2014-11-16 17:59:04
rubygems
rubygems
CVE-2014-3916 ruby: DoS via long string in str_buf_cat()
2014-04-07 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.8%
Related for CVE-2014-3916