Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-6438

Опубликовано: 06 сент. 2017
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

precise

ignored

end of life
precise/esm

DNE

precise was needs-triage
trusty

DNE

trusty/esm

DNE

upstream

needs-triage

utopic

DNE

vivid

DNE

vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

maverick

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

needs-triage

utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [1.9.2 only]]
precise

not-affected

1.9.2 only
precise/esm

DNE

precise was not-affected [1.9.2 only]
trusty

not-affected

1.9.2 only
trusty/esm

DNE

trusty was not-affected [1.9.2 only]
upstream

released

1.9.2-p330
utopic

not-affected

1.9.2 only
vivid

not-affected

1.9.2 only
vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [1.9.2 only]]
precise

DNE

precise/esm

DNE

trusty

not-affected

1.9.2 only
trusty/esm

DNE

trusty was not-affected [1.9.2 only]
upstream

needs-triage

utopic

not-affected

1.9.2 only
vivid

DNE

vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

1.9.2 only
utopic

not-affected

1.9.2 only
vivid

not-affected

1.9.2 only
vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

1.9.2 only
utopic

DNE

vivid

DNE

vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
devel

not-affected

1.9.2 only
esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

1.9.2 only
precise

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

1.9.2 only
utopic

DNE

vivid

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 78%
0.01127
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2014-6438

CVSS3: 7.5
redhat
больше 11 лет назад

The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string.

nvd логотип

CVE-2014-6438

CVSS3: 7.5
nvd
больше 8 лет назад

The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string.

debian логотип

CVE-2014-6438

CVSS3: 7.5
debian
больше 8 лет назад

The URI.decode_www_form_component method in Ruby before 1.9.2-p330 all ...

github логотип

GHSA-2j3h-55rq-rj48

CVSS3: 7.5
github
больше 3 лет назад

The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string.

EPSS

Процентиль: 78%
0.01127
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Уязвимость CVE-2014-6438