RubyGems: Memory leak in gem decode logic can allow attacker to take down Rubygems.org application

A memory leak vulnerability was discovered in the gem decode logic of the Rubygems.org application. The vulnerability allowed an attacker with a valid API key to set arbitrary instance variables during the decoding of gem metadata, which would cause the server to exhaust its memory. The issue was...

Design/Logic Flaw

Unspecified vulnerability in the decodesliceheader function in libavcodec/h264.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to a "rejected resolution change."...