BUGTRAQSECURITYVULNS:VULN:14099

HistoryNov 24, 2014 - 12:00 a.m.

Ruby DoS

2014-11-2400:00:00

BUGTRAQ

vulners.com

Resources exhaustion on XML parsing. Memory corruption in encodes().

CPENameOperatorVersion
rubyeq2.1

CPE	Name	Operator	Version
	ruby	eq	2.1

References

vulners.com/securityvulns/securityvulns:doc:31390

redhat 4

oraclelinux 3

mageia 2

nessus 33

osv 4

openvas 20

centos 2

debian 4

amazon 5

fedora 1

ubuntu 2

cve 3

ubuntucve 3

prion 3

rubygems 3

securityvulns 3

archlinux 1

veracode 3

gentoo 1

suse 2

redhat

(RHSA-2014:1914) Moderate: ruby200-ruby security update

2014-11-26 00:00:00

(RHSA-2014:1912) Moderate: ruby security update

2014-11-26 00:00:00

(RHSA-2014:1913) Moderate: ruby193-ruby security update

2014-11-26 00:00:00

oraclelinux

ruby193-ruby security update

2016-02-04 00:00:00

ruby security update

2014-11-26 00:00:00

ruby security update

2014-11-26 00:00:00

mageia

Updated ruby packages fix security vulnerabilities

2014-11-21 15:44:16

Updated ruby packages fix CVE-2014-8080

2014-11-14 03:57:44

nessus

Debian DLA-200-1 : ruby1.9.1 security update

2015-04-16 00:00:00

Debian DSA-3157-1 : ruby1.9.1 - security update

2015-02-10 00:00:00

RHEL 7 : ruby (RHSA-2014:1912)

2014-11-27 00:00:00

osv

ruby1.9.1 - security update

2015-04-15 00:00:00

ruby1.9.1 - security update

2015-02-09 00:00:00

ruby1.8 - security update

2015-02-10 00:00:00

openvas

Oracle Linux Local Check: ELSA-2014-1913

2016-02-05 00:00:00

Debian Security Advisory DSA 3157-1 (ruby1.9.1 - security update)

2015-02-09 00:00:00

Debian Security Advisory DSA 3157-1 (ruby1.9.1 - security update)

2015-02-09 00:00:00

centos

ruby, rubygem, rubygems security update

2014-12-01 13:45:48

ruby security update

2014-12-01 12:57:41

debian

[SECURITY] [DSA 3157-1] ruby1.9.1 security update

2015-02-09 17:10:22

[SECURITY] [DLA 200-1] ruby1.9.1 security update

2015-04-15 18:17:59

[SECURITY] [DSA 3159-1] ruby1.8 security update

2015-02-10 17:49:21

amazon

Medium: ruby20

2014-11-13 17:26:00

Medium: ruby21

2014-11-13 17:26:00

Medium: ruby19

2014-11-13 17:25:00

fedora

[SECURITY] Fedora 21 Update: ruby-2.1.4-24.fc21

2014-11-10 06:32:27

ubuntu

Ruby vulnerabilities

2014-11-04 00:00:00

Ruby vulnerability

2014-11-20 00:00:00

cve

CVE-2014-8090

2014-11-21 15:59:00

CVE-2014-8080

2014-11-03 16:55:00

CVE-2014-4975

2014-11-15 20:59:00

ubuntucve

CVE-2014-8090

2014-11-14 00:00:00

CVE-2014-8080

2014-10-29 00:00:00

CVE-2014-4975

2014-07-17 00:00:00

prion

Design/Logic Flaw

2014-11-21 15:59:00

Design/Logic Flaw

2014-11-03 16:55:00

Stack overflow

2014-11-15 20:59:00

rubygems

CVE-2014-8090 ruby: REXML incomplete fix for CVE-2014-8080

2014-11-12 21:00:00

CVE-2014-8080 ruby: REXML billion laughs attack via parameter entity expansion

2014-10-26 21:00:00

CVE-2014-4975 ruby: off-by-one stack-based buffer overflow in the encodes() function

2014-07-09 00:00:00

securityvulns

[USN-2412-1] Ruby vulnerability

2014-11-24 00:00:00

APPLE-SA-2015-09-30-3 OS X El Capitan 10.11

2015-10-05 00:00:00

Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities

2015-10-25 00:00:00

archlinux

ruby: denial of service

2014-11-17 00:00:00

veracode

XML Entity Expansion (XEE)

2019-05-02 05:05:32

XML Entity Expansion (XEE)

2019-01-15 09:03:29

Denial Of Service (DoS)

2019-01-15 09:03:14

gentoo

Ruby: Denial of service

2014-12-13 00:00:00

suse

Security update for ruby2.1 (important)

2017-04-20 12:08:57

Security update for ruby2.1 (important)

2017-04-28 18:11:28

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

Ruby DoS

References

Related