Уязвимость CVE-2018-8777

Пакет	Статус	Версия исправления	Тип
ruby2.5	fixed	2.5.1-1	package
ruby2.3	removed		package
ruby2.1	removed		package
ruby1.9.1	removed		package
ruby1.8	removed		package

CVE-2018-8777

CVSS3: 7.5

ubuntu

почти 8 лет назад

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).

CVE-2018-8777

CVSS3: 7.5

redhat

почти 8 лет назад

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).

CVE-2018-8777

CVSS3: 7.5

nvd

почти 8 лет назад

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).

GHSA-9j6f-82h4-9mw2

CVSS3: 7.5

github

больше 3 лет назад

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).

BDU:2019-04471

CVSS3: 7.5

fstec

почти 8 лет назад

Уязвимость библиотеки WEBrick интерпретатора языка программирования Ruby, позволяющая нарушителю вызвать отказ в обслуживании

exploitDog

CVE-2018-8777

Описание

Пакеты

Примечания

Связанные уязвимости