CVE-2014-3916
PUBLISHED
CVSS 5 MEDIUM
The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.
Risk Scores
- CVSS 2.0: 5
- EPSS Score: 0.49% (66.0th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| rubyonrails | rails | 1.9.3, 2.0.0, 2.1.0 |
Timeline
- Nov 16, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- ruby-cve20143916-dos(93505) (vdb)
- 67705 (vdb)
- https://bugs.ruby-lang.org/issues/9709 (url)
- [oss-security] 20140529 Re: Fwd: [ruby-core:62800] [ruby-trunk - Bug #9709] Large string causes SEGV with x64-mingw32 (mailing-list)
- [oss-security] 20140527 Fwd: [ruby-core:62800] [ruby-trunk - Bug #9709] Large string causes SEGV with x64-mingw32 (mailing-list)
- https://nvd.nist.gov/vuln/detail/CVE-2014-3916 (advisory)