VDB

GCVE-110-MAGEIA-2014-443

GCVE-110-MAGEIA-2014-443
Advisory Published
Vulnetix · Advisory published November 14, 2014
Updated ruby packages fix security vulnerability: Due to unrestricted entity expansion, when reading text nodes from an XML document, the REXML parser in Ruby can be coerced into allocating extremely large string objects which can consume all of the memory on a machine, causing a denial of service (CVE-2014-8080). The Mageia 3 ruby package has been updated to 1.9.3-p550 and the Mageia 4 ruby package has been updated to 2.0.0-p594 to fix this issue and several other bugs.

Affected Products

VendorProductVersionsPlatforms
Mageiaruby0 (affected), 1.9.3.p550-1.mga3 (unaffected)
Mageiaruby0 (affected), 2.0.0.p594-1.mga4 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›