CVE-2011-4815 in Ruby
Сводка (Английский)
Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
Резервировать
14.12.2011
Раскрытие
29.12.2011
Записи
VulDB provides additional information and datapoints for this CVE:
| ИД | Уязвимость | CWE | Экс | Кон | CVE |
|---|---|---|---|---|---|
| 59848 | Ruby эскалация привилегий | 20 | Не определено | Официальное исправление | CVE-2011-4815 |