---
gem: sentry-raven
cve: 2014-9490
osvdb: 115654
url: http://osvdb.org/show/osvdb/115654
title: sentry-raven Gem for Ruby contains a flaw that can result in a denial of service
date: 2014-12-08
description: Sentry raven-ruby contains a flaw in the lib/raven/okjson.rb script
  that is triggered when large numeric values are stored as an exponent or in
  scientific notation. With a specially crafted request, an attacker can cause
  the software to consume excessive resources resulting in a denial of service.
cvss_v2: 5.0
patched_versions:
  - ">= 0.12.2"