Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-10077

Опубликовано: 20 июл. 2015
Источник: redhat
CVSS3: 5.3
EPSS Низкий

Описание

Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.

Отчет

Red Hat Satellite 6.2 is now in Maintenance support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite Product Life Cycle: https://access.redhat.com/support/policy/updates/satellite Red Hat Satellite 6.3 and 6.4 don't include vulnerable package tfm-rubygem-i18n, hence are not affected by this flaw. Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Low, and is not currently planned to be addressed in future updates.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenShift Container Platform 3.10rubygem-i18nNot affected
Red Hat OpenShift Container Platform 3.11rubygem-i18nNot affected
Red Hat OpenShift Container Platform 3.2rubygem-i18nWill not fix
Red Hat OpenShift Container Platform 3.3rubygem-i18nWill not fix
Red Hat OpenShift Container Platform 3.4rubygem-i18nWill not fix
Red Hat OpenShift Container Platform 3.5rubygem-i18nWill not fix
Red Hat OpenShift Container Platform 3.6rubygem-i18nNot affected
Red Hat OpenShift Container Platform 3.7rubygem-i18nNot affected
Red Hat OpenShift Container Platform 3.9rubygem-i18nNot affected
Red Hat OpenShift Enterprise 3.1rubygem-i18nWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1647431rubygem-i18n: denial of service in Hash#slice in lib/i18n/core_ext/hash.rb

EPSS

Процентиль: 79%
0.01306
Низкий

5.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2014-10077

CVSS3: 7.5
ubuntu
больше 7 лет назад

Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.

nvd логотип

CVE-2014-10077

CVSS3: 7.5
nvd
больше 7 лет назад

Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.

debian логотип

CVE-2014-10077

CVSS3: 7.5
debian
больше 7 лет назад

Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 f ...

github логотип

GHSA-34hf-g744-jw64

CVSS3: 7.5
github
больше 3 лет назад

i18n Vulnerable to Denial of Service Attack

fstec логотип

BDU:2019-03336

CVSS3: 7.5
fstec
больше 7 лет назад

Уязвимость интерпретатора языка программирования Ruby, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 79%
0.01306
Низкий

5.3 Medium

CVSS3