Описание
The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.8.4-1ubuntu1.6 |
| devel | not-affected | 1.8.7.72-1 |
| feisty | released | 1.8.5-4ubuntu2.3 |
| gutsy | released | 1.8.6.36-1ubuntu3.3 |
| hardy | released | 1.8.6.111-2ubuntu1.2 |
| intrepid | not-affected | 1.8.7.72-1 |
| jaunty | not-affected | 1.8.7.72-1 |
| karmic | not-affected | 1.8.7.72-1 |
| lucid | not-affected | 1.8.7.72-1 |
| maverick | not-affected | 1.8.7.72-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | pulled 2010-07-27 |
| feisty | ignored | end of life, was needed |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | end of life |
| intrepid | released | 1.9.0.2-7ubuntu1.1 |
| jaunty | not-affected | 1.9.0.2-9ubuntu1 |
| karmic | not-affected | 1.9.0.2-9ubuntu1 |
| lucid | not-affected | 1.9.0.2-9ubuntu1 |
| maverick | DNE | pulled 2010-07-27 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.
The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.
The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8 ...
The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации
EPSS
5 Medium
CVSS2