CVE-2014-3916: The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and…

CVE-2014-3916 [MEDIUM] GHSA-252h-69rw-g2rp: The str_buf_cat function in string The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.

CVE-2014-3916 [MEDIUM] CWE-119 ruby: DoS via long string in str_buf_cat() ruby: DoS via long string in str_buf_cat() The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string. Statement: This issue did not affect the versions of ruby as shipped with Red Hat Enterprise Linux 5, 6 or 7 as it only affects the 64-bit Windows platform. Package: ruby (CloudForms Management Engine 5.2) - Will not fix Package: ruby (Red Hat Enterprise Linux 5) - Not affected Package: ruby (Red Hat Enterprise Linux 6) - Not affected Package: ruby (Red Hat Enterprise Linux 7) - Not affected

CVE-2014-3916 [MEDIUM] CVE-2014-3916 ruby: DoS via long string in str_buf_cat() CVE-2014-3916 ruby: DoS via long string in str_buf_cat() Common Vulnerabilities and Exposures assigned an identifier CVE-2014-3916 to the following vulnerability: Name: CVE-2014-3916 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3916 Assigned: 20140529 Reference: http://seclists.org/oss-sec/2014/q2/362 Reference: http://seclists.org/oss-sec/2014/q2/375 Reference: https://bugs.ruby-lang.org/issues/9709 Reference: http://www.securityfocus.com/bid/67705 Reference: http://xforce.iss.net/xforce/xfdb/93505 The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string. Statement: This issue did not affect the versions of ruby as shipped with Red Hat Enterprise