ID CVE-2014-8090
Summary The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.
References
Vulnerable Configurations
  • Ruby-lang Ruby 2.0.0
    cpe:2.3:a:ruby-lang:ruby:2.0.0
  • Ruby-lang Ruby 2.0.0-p0
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p0
  • Ruby-lang Ruby 2.0.0-p195
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p195
  • Ruby-lang Ruby 2.0.0-p247
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p247
  • Ruby-lang Ruby 2.0.0 p451
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p451
  • Ruby-lang Ruby 2.0.0 p481
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p481
  • Ruby-lang Ruby 2.0.0 p576
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p576
  • Ruby-lang Ruby 2.0.0 p594
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p594
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p550
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p550
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p547
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p547
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p545
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p545
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p448
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p448
  • Ruby-lang Ruby 1.9.3-p429
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p429
  • ruby-lang Ruby 1.9.3-p426
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p426
  • ruby-lang Ruby 1.9.3-p392
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p392
  • ruby-lang Ruby 1.9.3-p385
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p385
  • ruby-lang Ruby 1.9.3-p383
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p383
  • ruby-lang Ruby 1.9.3-p286
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p286
  • ruby-lang Ruby 1.9.3-p194
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p194
  • ruby-lang Ruby 1.9.3-p125
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p125
  • ruby-lang Ruby 1.9.3-p0
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p0
  • ruby-lang Ruby 1.9.3
    cpe:2.3:a:ruby-lang:ruby:1.9.3
  • ruby-lang Ruby 2.1.1
    cpe:2.3:a:ruby-lang:ruby:2.1.1
  • Ruby-lang Ruby 2.1.2
    cpe:2.3:a:ruby-lang:ruby:2.1.2
  • Ruby-lang Ruby 2.1.3
    cpe:2.3:a:ruby-lang:ruby:2.1.3
  • Ruby-lang Ruby 2.1.4
    cpe:2.3:a:ruby-lang:ruby:2.1.4
CVSS
Base: 5.0 (as of 28-06-2016 - 13:25)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-449.NASL
    description The upstream patch for CVE-2014-8080 introduced checks against the REXML.entity_expansion_text_limit, but did not add restrictions to limit the number of expansions performed, i.e. checks against the REXML::Document.entity_expansion_limit. As a consequence, even with the patch applied, a small XML document could cause REXML to use an excessive amount of CPU time. High memory usage can be achieved using larger inputs.
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 79298
    published 2014-11-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79298
    title Amazon Linux AMI : ruby21 (ALAS-2014-449)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-1911.NASL
    description Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) The CVE-2014-8090 issue was discovered by Red Hat Product Security. All ruby users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Ruby need to be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 79642
    published 2014-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79642
    title CentOS 6 : ruby (CESA-2014:1911)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-447.NASL
    description The upstream patch for CVE-2014-8080 introduced checks against the REXML.entity_expansion_text_limit, but did not add restrictions to limit the number of expansions performed, i.e. checks against the REXML::Document.entity_expansion_limit. As a consequence, even with the patch applied, a small XML document could cause REXML to use an excessive amount of CPU time. High memory usage can be achieved using larger inputs.
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 79296
    published 2014-11-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79296
    title Amazon Linux AMI : ruby19 (ALAS-2014-447)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-448.NASL
    description The upstream patch for CVE-2014-8080 introduced checks against the REXML.entity_expansion_text_limit, but did not add restrictions to limit the number of expansions performed, i.e. checks against the REXML::Document.entity_expansion_limit. As a consequence, even with the patch applied, a small XML document could cause REXML to use an excessive amount of CPU time. High memory usage can be achieved using larger inputs.
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 79297
    published 2014-11-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79297
    title Amazon Linux AMI : ruby20 (ALAS-2014-448)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2014-225.NASL
    description Updated ruby packages fix security vulnerabilities : Will Wood discovered that Ruby incorrectly handled the encodes() function. An attacker could possibly use this issue to cause Ruby to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service (CVE-2014-4975). Due to an incomplete fix for CVE-2014-8080, 100% CPU utilization can occur as a result of recursive expansion with an empty String. When reading text nodes from an XML document, the REXML parser in Ruby can be coerced into allocating extremely large string objects which can consume all of the memory on a machine, causing a denial of service (CVE-2014-8090). Additionally ruby has been upgraded to patch level 374.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 79571
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79571
    title Mandriva Linux Security Advisory : ruby (MDVSA-2014:225)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2412-1.NASL
    description Tomas Hoger discovered that Ruby incorrectly handled XML entity expansion. An attacker could use this flaw to cause Ruby to consume large amounts of resources, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 79382
    published 2014-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79382
    title Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : ruby1.8, ruby1.9.1, ruby2.0, ruby2.1 vulnerability (USN-2412-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3159.NASL
    description It was discovered that the REXML parser, part of the interpreter for the Ruby language, could be coerced into allocating large string objects that could consume all available memory on the system. This could allow remote attackers to cause a denial of service (crash).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 81279
    published 2015-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81279
    title Debian DSA-3159-1 : ruby1.8 - security update
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20141126_RUBY_ON_SL6_X.NASL
    description Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) All running instances of Ruby need to be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 79657
    published 2014-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79657
    title Scientific Linux Security Update : ruby on SL6.x i386/x86_64
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_11.NASL
    description The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components : - Address Book - AirScan - apache_mod_php - Apple Online Store Kit - AppleEvents - Audio - bash - Certificate Trust Policy - CFNetwork Cookies - CFNetwork FTPProtocol - CFNetwork HTTPProtocol - CFNetwork Proxies - CFNetwork SSL - CoreCrypto - CoreText - Dev Tools - Disk Images - dyld - EFI - Finder - Game Center - Heimdal - ICU - Install Framework Legacy - Intel Graphics Driver - IOAudioFamily - IOGraphics - IOHIDFamily - IOStorageFamily - Kernel - libc - libpthread - libxpc - Login Window - lukemftpd - Mail - Multipeer Connectivity - NetworkExtension - Notes - OpenSSH - OpenSSL - procmail - remote_cmds - removefile - Ruby - Safari - Safari Downloads - Safari Extensions - Safari Safe Browsing - Security - SMB - SQLite - Telephony - Terminal - tidy - Time Machine - WebKit - WebKit CSS - WebKit JavaScript Bindings - WebKit Page Loading - WebKit Plug-ins Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 86270
    published 2015-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86270
    title Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-1911.NASL
    description From Red Hat Security Advisory 2014:1911 : Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) The CVE-2014-8090 issue was discovered by Red Hat Product Security. All ruby users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Ruby need to be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 79593
    published 2014-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79593
    title Oracle Linux 6 : ruby (ELSA-2014-1911)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-1912.NASL
    description Updated ruby packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) A stack-based buffer overflow was found in the implementation of the Ruby Array pack() method. When performing base64 encoding, a single byte could be written past the end of the buffer, possibly causing Ruby to crash. (CVE-2014-4975) The CVE-2014-8090 issue was discovered by Red Hat Product Security. All ruby users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Ruby need to be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 79643
    published 2014-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79643
    title CentOS 7 : ruby (CESA-2014:1912)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1374.NASL
    description According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.(CVE-2014-8080) - The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.(CVE-2014-8090) - Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.(CVE-2014-4975) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-29
    plugin id 119065
    published 2018-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119065
    title EulerOS Virtualization 2.5.1 : ruby (EulerOS-SA-2018-1374)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-200.NASL
    description CVE-2014-4975 The encodes() function in pack.c had an off-by-one error that could lead to a stack-based buffer overflow. This could allow remote attackers to cause a denial of service (crash) or arbitrary code execution. CVE-2014-8080, CVE-2014-8090 The REXML parser could be coerced into allocating large string objects that could consume all available memory on the system. This could allow remote attackers to cause a denial of service (crash). NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-06
    plugin id 82805
    published 2015-04-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82805
    title Debian DLA-200-1 : ruby1.9.1 security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-6.NASL
    description The following issues were fixed in this update : - CVE-2014-8090: Denial Of Service XML Expansion (bnc#905326) - CVE-2014-8080: Denial Of Service XML Expansion (bnc#902851)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 80356
    published 2015-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80356
    title openSUSE Security Update : ruby2.1 (openSUSE-SU-2015:0007-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-88.NASL
    description This update fixes multiple local and remote denial of service and remote code execute problems : CVE-2011-0188 Properly allocate memory, to prevent arbitrary code execution or application crash. Reported by Drew Yao. CVE-2011-2686 Reinitialize the random seed when forking to prevent CVE-2003-0900 like situations. CVE-2011-2705 Modify PRNG state to prevent random number sequence repeatation at forked child process which has same pid. Reported by Eric Wong. CVE-2011-4815 Fix a problem with predictable hash collisions resulting in denial of service (CPU consumption) attacks. Reported by Alexander Klink and Julian Waelde. CVE-2014-8080 Fix REXML parser to prevent memory consumption denial of service via crafted XML documents. Reported by Willis Vandevanter. CVE-2014-8090 Add REXML::Document#document to complement the fix for CVE-2014-8080. Reported by Tomas Hoger. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-09
    plugin id 82233
    published 2015-03-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82233
    title Debian DLA-88-1 : ruby1.8 security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_RUBY-141230.NASL
    description The Ruby script interpreter has been updated to fix two denial of service attacks when expanding XML. (CVE-2014-8080 / CVE-2014-8090)
    last seen 2019-02-21
    modified 2015-10-05
    plugin id 81040
    published 2015-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81040
    title SuSE 11.3 Security Update : Ruby (SAT Patch Number 10126)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-1912.NASL
    description Updated ruby packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) A stack-based buffer overflow was found in the implementation of the Ruby Array pack() method. When performing base64 encoding, a single byte could be written past the end of the buffer, possibly causing Ruby to crash. (CVE-2014-4975) The CVE-2014-8090 issue was discovered by Red Hat Product Security. All ruby users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Ruby need to be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-17
    plugin id 79596
    published 2014-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79596
    title RHEL 7 : ruby (RHSA-2014:1912)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-129.NASL
    description Updated ruby packages fix security vulnerabilities : Due to unrestricted entity expansion, when reading text nodes from an XML document, the REXML parser in Ruby can be coerced into allocating extremely large string objects which can consume all of the memory on a machine, causing a denial of service (CVE-2014-8080). Will Wood discovered that Ruby incorrectly handled the encodes() function. An attacker could possibly use this issue to cause Ruby to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service (CVE-2014-4975). Due to an incomplete fix for CVE-2014-8080, 100% CPU utilization can occur as a result of recursive expansion with an empty String. When reading text nodes from an XML document, the REXML parser in Ruby can be coerced into allocating extremely large string objects which can consume all of the memory on a machine, causing a denial of service (CVE-2014-8090).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 82382
    published 2015-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82382
    title Mandriva Linux Security Advisory : ruby (MDVSA-2015:129)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-27.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-27 (Ruby: Denial of Service) Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or bypass security restrictions. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2015-10-05
    plugin id 79980
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79980
    title GLSA-201412-27 : Ruby: Denial of Service
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-1912.NASL
    description From Red Hat Security Advisory 2014:1912 : Updated ruby packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) A stack-based buffer overflow was found in the implementation of the Ruby Array pack() method. When performing base64 encoding, a single byte could be written past the end of the buffer, possibly causing Ruby to crash. (CVE-2014-4975) The CVE-2014-8090 issue was discovered by Red Hat Product Security. All ruby users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Ruby need to be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 79594
    published 2014-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79594
    title Oracle Linux 7 : ruby (ELSA-2014-1912)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3157.NASL
    description Multiple vulnerabilities were discovered in the interpreter for the Ruby language : - CVE-2014-4975 The encodes() function in pack.c had an off-by-one error that could lead to a stack-based buffer overflow. This could allow remote attackers to cause a denial of service (crash) or arbitrary code execution. - CVE-2014-8080, CVE-2014-8090 The REXML parser could be coerced into allocating large string objects that could consume all available memory on the system. This could allow remote attackers to cause a denial of service (crash).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 81250
    published 2015-02-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81250
    title Debian DSA-3157-1 : ruby1.9.1 - security update
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20141126_RUBY_ON_SL7_X.NASL
    description Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) A stack-based buffer overflow was found in the implementation of the Ruby Array pack() method. When performing base64 encoding, a single byte could be written past the end of the buffer, possibly causing Ruby to crash. (CVE-2014-4975) All running instances of Ruby need to be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 79658
    published 2014-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79658
    title Scientific Linux Security Update : ruby on SL7.x x86_64
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-758.NASL
    description ruby19 was updated to fix two security issues. These security issues were fixed : - Denial Of Service XML Expansion (CVE-2014-8080). - Denial Of Service XML Expansion (CVE-2014-8090). Note: These are two separate issues.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 79820
    published 2014-12-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79820
    title openSUSE Security Update : ruby19 (openSUSE-SU-2014:1589-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-1911.NASL
    description Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) The CVE-2014-8090 issue was discovered by Red Hat Product Security. All ruby users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Ruby need to be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 79595
    published 2014-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79595
    title RHEL 6 : ruby (RHSA-2014:1911)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-1.NASL
    description This ruby update fixes the following two security issues : - bnc#902851: fix CVE-2014-8080: Denial Of Service XML Expansion - bnc#905326: fix CVE-2014-8090: Another Denial Of Service XML Expansion - Enable tests to run during the build. This way we can compare the results on different builds.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 80353
    published 2015-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80353
    title openSUSE Security Update : ruby20 (openSUSE-SU-2015:0002-1)
redhat via4
advisories
  • bugzilla
    id 1159927
    title CVE-2014-8090 ruby: REXML incomplete fix for CVE-2014-8080
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment ruby is earlier than 0:1.8.7.374-3.el6_6
          oval oval:com.redhat.rhsa:tst:20141911005
        • comment ruby is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910006
      • AND
        • comment ruby-devel is earlier than 0:1.8.7.374-3.el6_6
          oval oval:com.redhat.rhsa:tst:20141911017
        • comment ruby-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910016
      • AND
        • comment ruby-docs is earlier than 0:1.8.7.374-3.el6_6
          oval oval:com.redhat.rhsa:tst:20141911013
        • comment ruby-docs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910012
      • AND
        • comment ruby-irb is earlier than 0:1.8.7.374-3.el6_6
          oval oval:com.redhat.rhsa:tst:20141911019
        • comment ruby-irb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910018
      • AND
        • comment ruby-libs is earlier than 0:1.8.7.374-3.el6_6
          oval oval:com.redhat.rhsa:tst:20141911011
        • comment ruby-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910020
      • AND
        • comment ruby-rdoc is earlier than 0:1.8.7.374-3.el6_6
          oval oval:com.redhat.rhsa:tst:20141911021
        • comment ruby-rdoc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910022
      • AND
        • comment ruby-ri is earlier than 0:1.8.7.374-3.el6_6
          oval oval:com.redhat.rhsa:tst:20141911007
        • comment ruby-ri is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910014
      • AND
        • comment ruby-static is earlier than 0:1.8.7.374-3.el6_6
          oval oval:com.redhat.rhsa:tst:20141911015
        • comment ruby-static is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910010
      • AND
        • comment ruby-tcltk is earlier than 0:1.8.7.374-3.el6_6
          oval oval:com.redhat.rhsa:tst:20141911009
        • comment ruby-tcltk is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910008
    rhsa
    id RHSA-2014:1911
    released 2014-11-26
    severity Moderate
    title RHSA-2014:1911: ruby security update (Moderate)
  • bugzilla
    id 1159927
    title CVE-2014-8090 ruby: REXML incomplete fix for CVE-2014-8080
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment ruby is earlier than 0:2.0.0.353-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912005
        • comment ruby is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910006
      • AND
        • comment ruby-devel is earlier than 0:2.0.0.353-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912009
        • comment ruby-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910016
      • AND
        • comment ruby-doc is earlier than 0:2.0.0.353-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912027
        • comment ruby-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141912028
      • AND
        • comment ruby-irb is earlier than 0:2.0.0.353-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912015
        • comment ruby-irb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910018
      • AND
        • comment ruby-libs is earlier than 0:2.0.0.353-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912007
        • comment ruby-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910020
      • AND
        • comment ruby-tcltk is earlier than 0:2.0.0.353-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912029
        • comment ruby-tcltk is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110910008
      • AND
        • comment rubygem-bigdecimal is earlier than 0:1.2.0-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912019
        • comment rubygem-bigdecimal is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141912020
      • AND
        • comment rubygem-io-console is earlier than 0:0.4.2-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912025
        • comment rubygem-io-console is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141912026
      • AND
        • comment rubygem-json is earlier than 0:1.7.7-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912011
        • comment rubygem-json is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141912012
      • AND
        • comment rubygem-minitest is earlier than 0:4.3.2-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912017
        • comment rubygem-minitest is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141912018
      • AND
        • comment rubygem-psych is earlier than 0:2.0.0-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912033
        • comment rubygem-psych is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141912034
      • AND
        • comment rubygem-rake is earlier than 0:0.9.6-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912031
        • comment rubygem-rake is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141912032
      • AND
        • comment rubygem-rdoc is earlier than 0:4.0.0-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912023
        • comment rubygem-rdoc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141912024
      • AND
        • comment rubygems is earlier than 0:2.0.14-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912021
        • comment rubygems is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131441006
      • AND
        • comment rubygems-devel is earlier than 0:2.0.14-22.el7_0
          oval oval:com.redhat.rhsa:tst:20141912013
        • comment rubygems-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141912014
    rhsa
    id RHSA-2014:1912
    released 2014-11-26
    severity Moderate
    title RHSA-2014:1912: ruby security update (Moderate)
  • rhsa
    id RHSA-2014:1913
  • rhsa
    id RHSA-2014:1914
rpms
  • ruby-0:1.8.7.374-3.el6_6
  • ruby-devel-0:1.8.7.374-3.el6_6
  • ruby-docs-0:1.8.7.374-3.el6_6
  • ruby-irb-0:1.8.7.374-3.el6_6
  • ruby-libs-0:1.8.7.374-3.el6_6
  • ruby-rdoc-0:1.8.7.374-3.el6_6
  • ruby-ri-0:1.8.7.374-3.el6_6
  • ruby-static-0:1.8.7.374-3.el6_6
  • ruby-tcltk-0:1.8.7.374-3.el6_6
  • ruby-0:2.0.0.353-22.el7_0
  • ruby-devel-0:2.0.0.353-22.el7_0
  • ruby-doc-0:2.0.0.353-22.el7_0
  • ruby-irb-0:2.0.0.353-22.el7_0
  • ruby-libs-0:2.0.0.353-22.el7_0
  • ruby-tcltk-0:2.0.0.353-22.el7_0
  • rubygem-bigdecimal-0:1.2.0-22.el7_0
  • rubygem-io-console-0:0.4.2-22.el7_0
  • rubygem-json-0:1.7.7-22.el7_0
  • rubygem-minitest-0:4.3.2-22.el7_0
  • rubygem-psych-0:2.0.0-22.el7_0
  • rubygem-rake-0:0.9.6-22.el7_0
  • rubygem-rdoc-0:4.0.0-22.el7_0
  • rubygems-0:2.0.14-22.el7_0
  • rubygems-devel-0:2.0.14-22.el7_0
refmap via4
apple APPLE-SA-2015-09-30-3
bid 71230
confirm
debian
  • DSA-3157
  • DSA-3159
mandriva MDVSA-2015:129
secunia
  • 59948
  • 62050
  • 62748
suse
  • openSUSE-SU-2014:1589
  • openSUSE-SU-2015:0002
  • openSUSE-SU-2015:0007
ubuntu USN-2412-1
Last major update 02-01-2017 - 21:59
Published 21-11-2014 - 10:59
Back to Top