Description

Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.

Remediation

References

CVE-2011-4815

Related Vulnerabilities

WordPress Plugin WP REST API (WP API) Cross-Site Scripting (1.2.2)

WordPress Plugin Sharebar Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1)

MongoDb Missing Authorization Vulnerability (CVE-2024-6375)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42629)

WordPress Plugin YITH WooCommerce Gift Cards Premium Unspecified Vulnerability (3.20.0)

Severity

High

Classification

CVE-2011-4815 CWE-20

Tags

Missing Update Known Vulnerabilities