rubygems: denial of service
| Package(s): | rubygems | CVE #(s): | CVE-2013-4363 | ||||||||||||||||||||
| Created: | October 4, 2013 | Updated: | October 9, 2013 | ||||||||||||||||||||
| Description: | From the Fedora advisory: Previously a security flow was found on rubygems for validating versions with a regular expression which is vulnerable to denial of service due to backtracking. Although this was thought to be fixed in the previous rubygems, the fix was found to be incomplete and the incompleteness is now assigned as CVE-2013-4363. | ||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||