Published: 21/11/2014 Updated: 03/01/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The REXML parser in Ruby 1.9.x prior to 1.9.3 patchlevel 551, 2.0.x prior to 2.0.0 patchlevel 598, and 2.1.x prior to 2.1.5 allows remote malicious users to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ruby-lang ruby 2.0.0
ruby-lang ruby 1.9.3
ruby-lang ruby 2.1.1
ruby-lang ruby 2.1.2
ruby-lang ruby
ruby-lang ruby 2.1.3
ruby-lang ruby 2.1.4

Debian Bug report logs - #770932 ruby21: CVE-2014-8090 Package: ruby21; Maintainer for ruby21 is Antonio Terceiro <terceiro@debianorg>; Source for ruby21 is src:ruby21 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 25 Nov 2014 10:21:02 UTC Severity: grave Tags: security Foun ...

Ruby could be made to consume resources ...

The REXML parser in Ruby 19x before 193 patchlevel 551, 20x before 200 patchlevel 598, and 21x before 215 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion ...

The upstream patch for CVE-2014-8080 introduced checks against the REXMLentity_expansion_text_limit, but did not add restrictions to limit the number of expansions performed, ie checks against the REXML::Documententity_expansion_limit As a consequence, even with the patch applied, a small XML document could cause REXML to use an excessive amo ...

NVD-CWE-Other http://www.ubuntu.com/usn/USN-2412-1 https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/http://rhn.redhat.com/errata/RHSA-2014-1911.html http://secunia.com/advisories/59948 http://rhn.redhat.com/errata/RHSA-2014-1913.html http://rhn.redhat.com/errata/RHSA-2014-1912.html http://rhn.redhat.com/errata/RHSA-2014-1914.html http://lists.opensuse.org/opensuse-updates/2014-12/msg00035.html http://secunia.com/advisories/62748 http://www.debian.org/security/2015/dsa-3159 http://www.debian.org/security/2015/dsa-3157 http://lists.opensuse.org/opensuse-updates/2015-01/msg00004.html http://lists.opensuse.org/opensuse-updates/2015-01/msg00000.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:129 http://advisories.mageia.org/MGASA-2014-0472.html https://support.apple.com/HT205267 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www.securityfocus.com/bid/71230 http://secunia.com/advisories/62050 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770932 https://usn.ubuntu.com/2412-1/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2014-8090

CVE-2014-8090

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect