Denial of Service Vulnerability in Raven Ruby Gem by Sentry
CVE-2014-9490

Currently unrated

Key Information:

Vendor

Getsentry

Status
Raven-ruby
Vendor
CVE Published:
20 January 2015

What is CVE-2014-9490?

The numtok function in the Raven Ruby Gem, specifically in the file lib/raven/okjson.rb, is susceptible to exploitation due to improperly handled large exponent values in scientific notation. This vulnerability allows attackers to facilitate a denial of service by sending a tailored request that triggers excessive resource consumption, potentially disrupting operations for users of the affected versions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/getsentry/raven-ruby/commit/477ee93a3f...
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/99687
vdb-entryx_refsource_XF
http://seclists.org/oss-sec/2015/q1/26
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.