CVE-2014-9490CVE-2014-9490

Affected configuration(s):

cpe:/a:getsentry:raven-ruby:0.12.1::~~~ruby~~

Date published: 2015-01-20T10:59:05.577-05:00

Date last modified: 2017-09-07T21:29:35.417-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://seclists.org/oss-sec/2015/q1/26

Summary: The numtok function in lib/raven/okjson.rb in the raven-ruby gem before 0.12.2 for Ruby allows remote attackers to cause a denial of service via a large exponent value in a scientific number.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.