
CVE-2013-4363

Published: 17 Oct 2013
Source: ubuntu
Priority: low
EPSS: Low
CVSS2: 4.3

Description

Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287.

| Release | Status | Note |
|---|---|---|
| devel | ignored | |
| lucid | ignored | |
| precise | ignored | |
| quantal | ignored | |
| raring | ignored | |
| upstream | ignored | |


| Release | Status | Note |
|---|---|---|
| devel | ignored | |
| lucid | ignored | |
| precise | ignored | |
| quantal | ignored | |
| raring | ignored | |
| upstream | ignored | |


| Release | Status | Note |
|---|---|---|
| devel | ignored | |
| lucid | DNE | |
| precise | ignored | |
| quantal | ignored | |
| raring | ignored | |
| upstream | needs-triage | |


EPSS: 0.00588 (Low), percentile: 69%

CVSS2: 4.3 Medium

Related vulnerabilities

redhat
more than 12 years ago

Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287.

nvd
more than 12 years ago

Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287.

debian
more than 12 years ago

Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION ...

github
more than 3 years ago

RubyGems Regular Expression Denial of Service
