The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Rails | Rubyonrails | 1.9.3 (including) | 1.9.3 (including) |
Rails | Rubyonrails | 2.0.0 (including) | 2.0.0 (including) |
Rails | Rubyonrails | 2.1.0 (including) | 2.1.0 (including) |