CVE-2021-32823

🗓️ 23 Jun 2021 23:40:12Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 140 Views

bindata RubyGem before v2.4.10 has DoS vulnerabilit

Reporter	Title	Published	Views	Family All 21
BDU FSTEC	The vulnerability of the declarative reading and writing methods for BinData binary file formats, related to uncontrolled resource consumption, allows a perpetrator to cause service failures.	5 Oct 202100:00	–	bdu_fstec
Circl	CVE-2021-32823	24 Jun 202107:18	–	circl
CNNVD	BinData 安全漏洞	23 Jun 202100:00	–	cnnvd
Cvelist	CVE-2021-32823 Potential Denial-of-Service in bindata	23 Jun 202123:40	–	cvelist
Debian CVE	CVE-2021-32823	23 Jun 202123:40	–	debiancve
EUVD	EUVD-2021-1335	7 Oct 202500:30	–	euvd
Github Security Blog	Potential Denial-of-Service in bindata	23 Jun 202123:42	–	github
NVD	CVE-2021-32823	24 Jun 202100:15	–	nvd
OSV	BIT-GITLAB-2021-32823 Potential Denial-of-Service in bindata	6 Mar 202411:18	–	osv
OSV	DEBIAN-CVE-2021-32823	24 Jun 202100:15	–	osv

NVD

Vulners

Node

bindata_project bindataRange<2.4.10ruby

Node

gitlab gitlabRange12.0–13.10.5community

gitlab gitlabRange12.0–13.10.5enterprise

gitlab gitlabRange13.11.0–13.11.5community

gitlab gitlabRange13.11.0–13.11.5enterprise

gitlab gitlabRange13.12.0–13.12.2community

gitlab gitlabRange13.12.0–13.12.2enterprise

[
  {
    "product": "bindata",
    "vendor": "dmendel",
    "versions": [
      {
        "status": "affected",
        "version": "< 2.4.10"
      }
    ]
  }
]

Source	Link
about	www.about.gitlab.com/releases/2021/06/01/security-release-gitlab-13-12-2-released/
github	www.github.com/dmendel/bindata/blob/v2.4.10/ChangeLog.rdoc
github	www.github.com/dmendel/bindata/commit/d99f050b88337559be2cb35906c1f8da49531323
rubygems	www.rubygems.org/gems/bindata
github	www.github.com/rubysec/ruby-advisory-db/issues/476

21 Nov 2024 06:07Current

3.8Low risk

Vulners AI Score3.8

CVSS 3.13.7

CVSS 24.3

EPSS0.00174

CWE-400