The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ruby | Yukihiro_matsumoto | 1.6 (including) | 1.6 (including) |
Ruby | Yukihiro_matsumoto | 1.6.7 (including) | 1.6.7 (including) |
Ruby | Yukihiro_matsumoto | 1.8 (including) | 1.8 (including) |
Ruby | Yukihiro_matsumoto | 1.8.1 (including) | 1.8.1 (including) |
Ruby | Yukihiro_matsumoto | 1.8.2_pre1 (including) | 1.8.2_pre1 (including) |
Ruby | Yukihiro_matsumoto | 1.8.2_pre2 (including) | 1.8.2_pre2 (including) |