Описание
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.9.3.484-2ubuntu1.12]] |
| precise/esm | DNE | |
| trusty | released | 1.9.3.484-2ubuntu1.12 |
| trusty/esm | DNE | trusty was released [1.9.3.484-2ubuntu1.12] |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [2.0.0.484-1ubuntu2.10]] |
| precise/esm | DNE | |
| trusty | released | 2.0.0.484-1ubuntu2.10 |
| trusty/esm | DNE | trusty was released [2.0.0.484-1ubuntu2.10] |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 2.3.3-1ubuntu1.6 |
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | released | 2.3.1-2~16.04.10 |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| xenial | released | 2.3.1-2~16.04.10 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | released | 2.5.1-1 |
| devel | released | 2.5.1-1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 2.5.1-1 |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ...
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).
Уязвимость библиотеки WEBrick интерпретатора языка программирования Ruby, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5 Medium
CVSS2
7.5 High
CVSS3