ID CVE-2013-4287
Summary Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.
References
Vulnerable Configurations
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.8:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.8:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.9:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.9:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.10:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.10:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.11:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.11:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.12:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.12:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.13:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.13:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.14:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.14:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.15:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.15:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.16:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.16:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.17:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.17:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.18:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.18:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.19:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.19:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.20:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.20:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.21:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.21:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.22:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.22:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.3a:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.3a:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.3b:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.3b:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.8:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.8:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.9:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.9:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.10:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.10:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.11:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.11:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.8.40.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.8.40.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:0.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:0.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.23:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.23:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.24:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.24:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:1.8.25:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:1.8.25:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:rubygems:rubygems:2.1.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:rubygems:rubygems:2.1.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p385:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p385:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p392:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p392:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p426:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p426:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:1.9.3:p429:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p429:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 22-04-2019 - 17:48)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
redhat via4
advisories
  • bugzilla
    id 1002364
    title CVE-2013-4287 rubygems: version regex algorithmic complexity vulnerability
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment rubygems is earlier than 0:1.3.7-4.el6_4
        oval oval:com.redhat.rhsa:tst:20131441001
      • comment rubygems is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20193384070
    rhsa
    id RHSA-2013:1441
    released 2013-10-17
    severity Moderate
    title RHSA-2013:1441: rubygems security update (Moderate)
  • rhsa
    id RHSA-2013:1427
  • rhsa
    id RHSA-2013:1523
  • rhsa
    id RHSA-2013:1852
  • rhsa
    id RHSA-2014:0207
rpms
  • ruby193-ruby-0:1.9.3.448-40.el6
  • ruby193-ruby-debuginfo-0:1.9.3.448-40.el6
  • ruby193-ruby-devel-0:1.9.3.448-40.el6
  • ruby193-ruby-doc-0:1.9.3.448-40.el6
  • ruby193-ruby-irb-0:1.9.3.448-40.el6
  • ruby193-ruby-libs-0:1.9.3.448-40.el6
  • ruby193-ruby-tcltk-0:1.9.3.448-40.el6
  • ruby193-rubygem-bigdecimal-0:1.1.0-40.el6
  • ruby193-rubygem-io-console-0:0.3-40.el6
  • ruby193-rubygem-json-0:1.5.5-40.el6
  • ruby193-rubygem-minitest-0:2.5.1-40.el6
  • ruby193-rubygem-rake-0:0.9.2.2-40.el6
  • ruby193-rubygem-rdoc-0:3.9.5-40.el6
  • ruby193-rubygems-0:1.8.23-40.el6
  • ruby193-rubygems-devel-0:1.8.23-40.el6
  • rubygems-0:1.3.7-4.el6_4
  • ruby193-ruby-0:1.9.3.448-40.el6
  • ruby193-ruby-debuginfo-0:1.9.3.448-40.el6
  • ruby193-ruby-devel-0:1.9.3.448-40.el6
  • ruby193-ruby-doc-0:1.9.3.448-40.el6
  • ruby193-ruby-irb-0:1.9.3.448-40.el6
  • ruby193-ruby-libs-0:1.9.3.448-40.el6
  • ruby193-ruby-tcltk-0:1.9.3.448-40.el6
  • ruby193-rubygem-bigdecimal-0:1.1.0-40.el6
  • ruby193-rubygem-io-console-0:0.3-40.el6
  • ruby193-rubygem-json-0:1.5.5-40.el6
  • ruby193-rubygem-minitest-0:2.5.1-40.el6
  • ruby193-rubygem-rake-0:0.9.2.2-40.el6
  • ruby193-rubygems-0:1.8.23-40.el6
  • ruby193-rubygems-0:1.8.24-9.el6ost
  • ruby193-rubygems-devel-0:1.8.23-40.el6
  • ruby193-rubygems-devel-0:1.8.24-9.el6ost
  • cumin-0:0.1.5787-4.el6
  • rubygems-0:1.8.23.2-1.el6
  • rubygems-0:1.8.24-5.el6op
  • rubygems-devel-0:1.8.24-5.el6op
refmap via4
confirm
mlist [oss-security] 20130909 CVE-2013-4287 Algorithmic complexity vulnerability in RubyGems 2.0.7 and older
secunia 55381
Last major update 22-04-2019 - 17:48
Published 17-10-2013 - 23:55
Last modified 22-04-2019 - 17:48
Back to Top