JRuby before 1.6.5.1 computes hash values without restricting the ability
to trigger hash collisions predictably, which allows context-dependent attackers
to cause a denial of service (CPU consumption) via crafted input to an application
that maintains a hash table.

CPENameOperatorVersion
jrubylt1.6.5.1

CPE	Name	Operator	Version
	jruby	lt	1.6.5.1

References

jruby.org/2011/12/27/jruby-1-6-5-1

debiancve 2

cve 2

prion 2

checkpoint_security 1

openvas 5

ubuntucve 2

gentoo 1

nessus 3

osv 2

github 1

debian 1

ibm 1

rubygems 1

freebsd 1

cert 1

seebug 1

securityvulns 1

debiancve

CVE-2011-4838

2011-12-30 01:55:00

CVE-2012-5370

2012-11-28 13:03:00

cve

CVE-2011-4838

2011-12-30 01:55:00

CVE-2012-5370

2012-11-28 13:03:00

prion

Code injection

2011-12-30 01:55:00

Design/Logic Flaw

2012-11-28 13:03:00

checkpoint_security

Check Point response to "DoS through hash table against Web Application Platforms" (CVE-2011-4838)

2011-12-29 22:00:00

openvas

Gentoo Security Advisory GLSA 201207-06 (jruby)

2012-08-10 00:00:00

Gentoo Security Advisory GLSA 201207-06 (jruby)

2012-08-10 00:00:00

Debian: Security Advisory (DLA-209-1)

2023-03-08 00:00:00

ubuntucve

CVE-2011-4838

2011-12-30 00:00:00

CVE-2012-5370

2012-11-28 00:00:00

gentoo

JRuby: Denial of service

2012-07-09 00:00:00

nessus

GLSA-201207-06 : JRuby: Denial of Service

2012-07-10 00:00:00

Debian DLA-209-1 : jruby security update

2015-04-30 00:00:00

FreeBSD : Multiple implementations -- DoS via hash algorithm collision (91be81e7-3fea-11e1-afc7-2c4138874f7d)

2012-01-16 00:00:00

osv

jruby - security update

2015-04-29 00:00:00

JRuby denial of service via Hash Collision

2022-05-17 04:17:07

github

JRuby denial of service via Hash Collision

2022-05-17 04:17:07

debian

[SECURITY] [DLA 209-1] jruby security update

2015-04-29 10:47:27

ibm

Security Bulletin: TADDM affected by multiple vulnerabilities due to JRuby and Hyperic HQ

2023-01-10 07:32:07

rubygems

CVE-2012-5370 jruby: Murmur hash function collisions (oCERT-2012-001)

2012-11-22 20:00:00

freebsd

Multiple implementations -- DoS via hash algorithm collision

2011-12-28 00:00:00

cert

Hash table implementations vulnerable to algorithmic complexity attacks

2011-12-28 00:00:00

seebug

Multiple Programming Language Implementations Vulnerable to Hash Table Collision Attacks

2011-12-29 00:00:00

securityvulns

[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision

2012-01-02 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for RUBY:JRUBY-2011-4838-78116