Sha256: 453d5edcfdb54ba3b211d2e2ea5cac5477f81e34fd430a3c6a1e5e94d4f6c03a

Contents?: true

Size: 586 Bytes

Versions: 11

Compression:

Stored size: 586 Bytes

Contents

---
gem: actionmailer
cve: 2013-4389
osvdb: 98629
url: http://www.osvdb.org/show/osvdb/98629
title: Action Mailer Gem for Ruby contains a possible DoS Vulnerability
date: 2013-10-16
description: Action Mailer Gem for Ruby contains a format string flaw in
  the Log Subscriber component. The issue is triggered as format string
  specifiers (e.g. %s and %x) are not properly sanitized in user-supplied
  input when handling email addresses. This may allow a remote attacker
  to cause a denial of service
cvss_v2: 4.3
unaffected_versions:
  - ~> 2.3.2
patched_versions: 
  - '>= 3.2.15'

Version data entries

11 entries across 11 versions & 3 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
bundler-audit-0.4.0 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
mrjoy-bundler-audit-0.3.2 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
mrjoy-bundler-audit-0.3.1 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml
bundler-audit-0.3.0 data/ruby-advisory-db/gems/actionmailer/OSVDB-98629.yml