Denial of Service Vulnerability in Ruby 1.9.3, 2.0.0, and 2.1

Denial of Service Vulnerability in Ruby 1.9.3, 2.0.0, and 2.1

CVE-2014-3916 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.

Learn more about our Web Application Penetration Testing UK.