Sha256: 2df57cb4675fbc15aad85b0318cb023ad92f40bfbf901c4f6be0774adb6a5ceb

Contents?: true

Size: 685 Bytes

Versions: 6

Compression:

Stored size: 685 Bytes

Contents

---
engine: rbx
cve: 2012-5372
osvdb: 87861
url: http://www.osvdb.org/show/osvdb/87861
title: Rubinius MurmurHash3 Implementation Hash Collision Remote DoS
date: 2012-11-23
description: |
  Rubinius contains a flaw related to the MurmurHash3 implementation that may
  allow a remote denial of service. The issue is triggered when hash values
  are computed without having the ability to cause hash collisions restricted.
  When sending specially crafted input to an application maintaining a hash
  table, a context-dependent attacker can cause a consumption of CPU resources.
  This will result in a loss of availability for the program.
cvss_v2: 5.0
patched_versions:
  - ">= 1.3.1"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/rubies/rbx/CVE-2012-5372.yml
bundler-budit-0.6.2 data/ruby-advisory-db/rubies/rbx/OSVDB-87861.yml
bundler-budit-0.6.1 data/ruby-advisory-db/rubies/rbx/OSVDB-87861.yml
bundler-audit-0.6.1 data/ruby-advisory-db/rubies/rbx/OSVDB-87861.yml
bundler-audit-0.6.0 data/ruby-advisory-db/rubies/rbx/OSVDB-87861.yml
bundler-audit-0.5.0 data/ruby-advisory-db/rubies/rbx/OSVDB-87861.yml