Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-8080

Опубликовано: 03 нояб. 2014
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 5

Описание

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
precise

released

1.8.7.352-2ubuntu1.5
trusty

DNE

trusty/esm

DNE

upstream

needs-triage

utopic

DNE

vivid

DNE

vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

ignored

end of life
maverick

DNE

precise

DNE

trusty

DNE

trusty/esm

DNE

upstream

needs-triage

utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1.9.3.484-2ubuntu1.1]]
lucid

ignored

end of life
precise

released

1.9.3.0-1ubuntu2.9
trusty

released

1.9.3.484-2ubuntu1.1
trusty/esm

DNE

trusty was released [1.9.3.484-2ubuntu1.1]
upstream

needs-triage

utopic

ignored

end of life
vivid

ignored

end of life
vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [2.0.0.484-1ubuntu2.1]]
lucid

DNE

precise

DNE

trusty

released

2.0.0.484-1ubuntu2.1
trusty/esm

DNE

trusty was released [2.0.0.484-1ubuntu2.1]
upstream

needs-triage

utopic

released

2.0.0.484+really457-3ubuntu1.1
vivid

DNE

vivid/stable-phone-overlay

DNE

Показывать по

РелизСтатусПримечание
devel

released

2.1.2-2ubuntu2
esm-infra-legacy/trusty

DNE

lucid

DNE

precise

DNE

trusty

DNE

trusty/esm

DNE

upstream

needs-triage

utopic

released

2.1.2-2ubuntu1.1
vivid

released

2.1.2-2ubuntu2
vivid/stable-phone-overlay

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 93%
0.10784
Средний

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2014-8080

redhat
около 11 лет назад

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.

nvd логотип

CVE-2014-8080

nvd
около 11 лет назад

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.

debian логотип

CVE-2014-8080

debian
около 11 лет назад

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p ...

github логотип

GHSA-ggvr-v7qh-jwjh

github
больше 3 лет назад

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.

oracle-oval логотип

ELSA-2014-1911

oracle-oval
почти 11 лет назад

ELSA-2014-1911: ruby security update (MODERATE)

EPSS

Процентиль: 93%
0.10784
Средний

5 Medium

CVSS2

Уязвимость CVE-2014-8080