AI Score: 6.9 (Medium), Confidence: High
EPSS: 0.005 (Low), Percentile: 75.8%
The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.
seclists.org/oss-sec/2014/q2/362
seclists.org/oss-sec/2014/q2/375
www.securityfocus.com/bid/67705
bugs.ruby-lang.org/issues/9709
exchange.xforce.ibmcloud.com/vulnerabilities/93505