RubySec

Providing security resources for the Ruby community

CVE-2014-10077 (i18n): i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS

GEM

i18n

SEVERITY

CVSS v3.x: 7.5 (High)

PATCHED VERSIONS

  • >= 0.8.0

DESCRIPTION

The i18n gem for Ruby contains a flaw in the Hash#slice() function in lib/i18n/core_ext/hash.rb. The flaw is triggered when the function is called on a hash with a key such as :some_key that is listed in keep_keys but is not present in the hash. This may allow an attacker to cause the program to crash.
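One way to check a project against the patched range above is to read the resolved i18n version out of its Gemfile.lock. This is an added example, not code from RubySec or the i18n project; the helper names and the sample lockfile are constructed for illustration.

```ruby
require "rubygems"

# Patched range as stated in this advisory.
PATCHED_I18N = Gem::Requirement.new(">= 0.8.0")

# Constructed sample lockfile (not taken from a real project).
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      activesupport (4.2.11)
        i18n (~> 0.7)
        minitest (~> 5.1)
      i18n (0.7.0)
      minitest (5.11.3)

  DEPENDENCIES
    activesupport
LOCK

# Hypothetical helper: returns the resolved versions of gem_name.
# Resolved gems sit at exactly four spaces of indentation under "specs:";
# the six-space lines below them are dependency constraints and are skipped.
def locked_versions(lockfile_text, gem_name)
  pattern = /^ {4}#{Regexp.escape(gem_name)} \(([^)\s]+)\)\s*$/
  lockfile_text.scan(pattern).flatten.map do |v|
    # Drop a platform suffix such as "1.2.3-java" before parsing.
    Gem::Version.new(v.split("-").first)
  end
end

# Hypothetical helper: :not_present, :patched or :unpatched for i18n.
# A prerelease of 0.8.0 sorts below 0.8.0 and is reported as :unpatched.
def i18n_status(lockfile_text)
  versions = locked_versions(lockfile_text, "i18n")
  return :not_present if versions.empty?
  versions.all? { |v| PATCHED_I18N.satisfied_by?(v) } ? :patched : :unpatched
end

if __FILE__ == $PROGRAM_NAME
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_LOCKFILE
  puts "i18n: #{i18n_status(text)}"
end
```

Run it with the path to a Gemfile.lock as the first argument; without one it evaluates the embedded sample.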

RELATED

  • OSVDB-121500